public class CertificateCheck extends Object
All checks have a void return type and throw an CertificateCheck.CertificateCheckException
on failure.
Modifier and Type | Class | Description |
---|---|---|
class |
CertificateCheck.CertificateCheckException |
Exception thrown when a test fails
|
Modifier and Type | Field | Description |
---|---|---|
protected CertificatePair |
cert |
CertificatePair under investivation
|
Constructor | Description |
---|---|
CertificateCheck(CertificatePair c) |
Create a new instance.
|
Modifier and Type | Method | Description |
---|---|---|
void |
check() |
Run the default checks.
|
protected void |
checkAccessPath() |
Check access to certificate directory.
|
protected void |
checkCertificate() |
Check the certificate.
|
protected void |
checkCSR() |
Check the certificate signing request (CSR).
|
void |
checkPrivate() |
Run the private key checks.
|
protected void |
checkPrivateKey() |
Check that the private key is valid.
|
protected void |
checkPrivateKeyDecryptValid() |
Check if the decrypted private key is valid.
|
protected void |
checkPrivateKeyMatchesCertificate() |
Check if the private key and certificate belong together.
|
protected void |
fail(String msg) |
Called when a check fails, throws an Exception.
|
protected void |
fail(String msg,
File f) |
Called when a check fails, throws an Exception.
|
static void |
main(String[] args) |
Test program that runs checks on a globus certificate directory.
|
protected CertificatePair cert
public CertificateCheck(CertificatePair c)
public void check() throws CertificateCheck.CertificateCheckException
Exceptions work such that only one exception is shown at once. So the order in which the checks appear is important.
public void checkPrivate() throws CertificateCheck.CertificateCheckException
This is a separate method from check() because it
requires the private key's password so either make sure the
user is expecting a password dialog, or the password is already
present in the PasswordCache
.
protected void checkAccessPath() throws CertificateCheck.CertificateCheckException
protected void checkPrivateKey() throws CertificateCheck.CertificateCheckException
It only checks that a private key file is present and has a valid format, not if it can be decrypted since we don't want to use the password.
protected void checkCertificate() throws CertificateCheck.CertificateCheckException
This is only checked if the certificate really exists, because it is optional (e.g. when the certificate signing request was made but the certificate not received from the CA).
protected void checkCSR() throws CertificateCheck.CertificateCheckException
This is only checked if the certificate does not exist, since only then is the CSR relevant.
protected void checkPrivateKeyDecryptValid() throws CertificateCheck.CertificateCheckException
This requires the private key to be decrypted so a password may be asked.
protected void checkPrivateKeyMatchesCertificate() throws CertificateCheck.CertificateCheckException
This requires the private key to be decrypted so a password may be asked. When the password prompt is cancelled, the check is silently ignored.
protected void fail(String msg) throws CertificateCheck.CertificateCheckException
protected void fail(String msg, File f) throws CertificateCheck.CertificateCheckException
Copyright © 2010-2018 Nikhef / Stichting FOM. All Rights Reserved.