java.lang.Object
- com.sun.enterprise.admin.servermgmt.KeystoreManager

Direct Known Subclasses:

MasterPasswordFileManager, NodeKeystoreManager
```
public class KeystoreManager
extends Object
```
Author:

kebbs

Nested Class Summary

Nested Classes
Modifier and Type Class Description

protected static class KeystoreManager.KeytoolExecutor

Field Summary

Fields
Modifier and Type	Field	Description
`protected PEFileLayout`	`_fileLayout`
`static String`	`CERTIFICATE_ALIAS`
`static String`	`DEFAULT_MASTER_PASSWORD`
`static String`	`INSTANCE_SECURE_ADMIN_ALIAS`

Constructor Summary

Constructors
Constructor Description

KeystoreManager()
Creates a new instance of RepositoryManager

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`protected void`	`changeKeystorePassword(String oldPassword, String newPassword, File keystore)`	Changes the keystore password
`protected void`	`changeS1ASAliasPassword(RepositoryConfig config, String storePassword, String oldKeyPassword, String newKeyPassword)`	Changes the key password for the default cert whose alias is s1as.
`protected void`	`changeSSLCertificateDatabasePassword(RepositoryConfig config, String oldPassword, String newPassword)`	Changes the password of the keystore, truststore and the key password of the s1as alias.
`protected void`	`chmod(String args, File file)`
`protected void`	`copyCertificates(File configRoot, DomainConfig config, String masterPassword)`
`protected void`	`createKeyStore(File keystore, RepositoryConfig config, String masterPassword)`	Create the default SSL key store using keytool to generate a self signed certificate.
`protected static String`	`getCertificateDN(RepositoryConfig cfg, String CNSuffix)`
`static String`	`getDASCertDN(RepositoryConfig cfg)`
`protected PEFileLayout`	`getFileLayout(RepositoryConfig config)`
`static String`	`getInstanceCertDN(RepositoryConfig cfg)`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

CERTIFICATE_ALIAS

public static final String CERTIFICATE_ALIAS

See Also:: Constant Field Values

INSTANCE_SECURE_ADMIN_ALIAS

public static final String INSTANCE_SECURE_ADMIN_ALIAS

See Also:: Constant Field Values

DEFAULT_MASTER_PASSWORD

public static final String DEFAULT_MASTER_PASSWORD

See Also:: Constant Field Values

_fileLayout
```
protected PEFileLayout _fileLayout
```

Constructor Detail
- KeystoreManager
```
public KeystoreManager()
```
  Creates a new instance of RepositoryManager

Method Detail

getCertificateDN

protected static String getCertificateDN(RepositoryConfig cfg,
                                         String CNSuffix)

getFileLayout

protected PEFileLayout getFileLayout(RepositoryConfig config)

createKeyStore

protected void createKeyStore(File keystore,
                              RepositoryConfig config,
                              String masterPassword)
                       throws RepositoryException

Create the default SSL key store using keytool to generate a self signed certificate.

Parameters:: config -; masterPassword -
Throws:: RepositoryException

copyCertificates

protected void copyCertificates(File configRoot,
                                DomainConfig config,
                                String masterPassword)
                         throws DomainException

Throws:: DomainException

changeKeystorePassword

protected void changeKeystorePassword(String oldPassword,
                                      String newPassword,
                                      File keystore)
                               throws RepositoryException

Changes the keystore password

Parameters:: oldPassword - the old keystore password; newPassword - the new keystore password; keystore - the keystore whose password is to be changed.
Throws:: RepositoryException

changeS1ASAliasPassword
```
protected void changeS1ASAliasPassword(RepositoryConfig config,
                                       String storePassword,
                                       String oldKeyPassword,
                                       String newKeyPassword)
                                throws RepositoryException
```
Changes the key password for the default cert whose alias is s1as. The assumption here is that the keystore password is not the same as the key password. This is due to the fact that the keystore password should first be changed followed next by the key password. The end result is that the keystore and s1as key both have the same passwords. This function will tolerate deletion of the s1as alias, but it will not tolerate changing the s1as key from something other than the database password.

Parameters:

config -

storePassword - the keystore password

oldKeyPassword - the old password for the s1as alias

newKeyPassword - the new password for the s1as alias

Throws:

RepositoryException

changeSSLCertificateDatabasePassword

protected void changeSSLCertificateDatabasePassword(RepositoryConfig config,
                                                    String oldPassword,
                                                    String newPassword)
                                             throws RepositoryException

Changes the password of the keystore, truststore and the key password of the s1as alias. It is expected that the key / truststores may not exist. This is due to the fact that the user may have deleted them and wishes to set up their own key/truststore

Parameters:: config -; storePassword -; oldKeyPassword -; newKeyPassword -
Throws:: RepositoryException

chmod

protected void chmod(String args,
                     File file)
              throws IOException

Throws:: IOException

getDASCertDN

public static String getDASCertDN(RepositoryConfig cfg)

getInstanceCertDN

public static String getInstanceCertDN(RepositoryConfig cfg)

Class KeystoreManager

Nested Class Summary