public class SignatureSettings extends Object
Modifier and Type | Method and Description |
---|---|
static void |
addKeyStore(KeyStore keystore)
Adds any X509 certificates found in a key store to the trusted certificate list
to be used when verifying digital signatures.
|
static void |
addX509Certificate(X509Certificate certificate)
Adds a X509 certificate to the trusted certificate list to be used when verifying digital
signatures.
|
static Hashtable<String,Certificate> |
getCaCerts()
This method returns a hashtable of most-trusted CA certificates from the JDK keyed by the unique identifier
of the X509Certificate that is returned from SignatureSettings.getUniqueIdentifier(X509Certificate)
|
static Hashtable<String,Certificate> |
getTrustedCertificates()
This method returns a hashtable of trusted certificates keyed by the unique identifier
of the X509Certificate that is returned from SignatureSettings.getUniqueIdentifier(X509Certificate)
|
static String |
getUniqueIdentifier(X509Certificate certificate)
Returns a unique identifier for a certificate.
|
static boolean |
isCaCertsEnabled()
The CaCertsEnabled flag determines whether or not the certificates in cacerts from
the current JRE will be added to the trusted certificate cache used to verify digital
signatures.
|
static boolean |
isOSCertsEnabled()
The OSCertsEnabled flag determines whether or not the certificates in the operating system (Windows or Mac)
trusted certificates will be added to the trusted certificate cache used to verify digital
signatures.
|
static KeyStore |
loadCaKeyStore()
Loads the JDK CA KeyStore.
|
static KeyStore |
loadOSKeyStore()
Loads the OS KeyStore (if the OS is Windows or Mac).
|
static void |
reloadTrustedCertificates()
This method clears the trusted certificate list and reloads the trusted certificates.
|
static void |
setCaCertsEnabled(boolean enabled)
The CaCertsEnabled flag determines whether or not the certificates in cacerts from
the current JRE will be added to the trusted certificate cache used to verify digital
signatures.
|
static void |
setOSCertsEnabled(boolean enabled)
The OSCertsEnabled flag determines whether or not the certificates in the OS
trusted certificates will be added to the trusted certificate cache used to verify digital
signatures.
|
public static void setCaCertsEnabled(boolean enabled)
enabled
- New value of the flagpublic static boolean isCaCertsEnabled()
public static void setOSCertsEnabled(boolean enabled)
enabled
- New value of the flagpublic static boolean isOSCertsEnabled()
public static void addX509Certificate(X509Certificate certificate)
certificate
- the certificate to add to the trusted certificate listpublic static void addKeyStore(KeyStore keystore) throws KeyStoreException
keystore
- The key store object holding the certificates that will be added to the trusted list.KeyStoreException
- When there are errors opening the keystore.public static void reloadTrustedCertificates()
public static Hashtable<String,Certificate> getTrustedCertificates()
public static Hashtable<String,Certificate> getCaCerts()
public static KeyStore loadCaKeyStore()
public static KeyStore loadOSKeyStore()
public static String getUniqueIdentifier(X509Certificate certificate)
certificate
- The certificate to get the UID from.