Class SelfSignedCertificate

java.lang.Object
io.netty.handler.ssl.util.SelfSignedCertificate
public final class SelfSignedCertificate extends Object
Generates a temporary self-signed certificate for testing purposes.

NOTE: Never use the certificate and private key generated by this class in production. It is purely for testing purposes, and thus it is very insecure. It even uses an insecure pseudo-random generator for faster generation internally.

An X.509 certificate file and a EC/RSA private key file are generated in a system's temporary directory using File.createTempFile(String, String), and they are deleted when the JVM exits using File.deleteOnExit().

At first, this method tries to use OpenJDK's X.509 implementation (the sun.security.x509 package). If it fails, it tries to use Bouncy Castle as a fallback.

  • Constructor Details

    • SelfSignedCertificate

      public SelfSignedCertificate() throws CertificateException
      Creates a new instance.

      Algorithm: RSA

      Throws:
      CertificateException

    • SelfSignedCertificate

      public SelfSignedCertificate(Date notBefore, Date notAfter) throws CertificateException
      Creates a new instance.

      Algorithm: RSA

      Parameters:
      notBefore - Certificate is not valid before this time
      notAfter - Certificate is not valid after this time
      Throws:
      CertificateException

    • SelfSignedCertificate

      public SelfSignedCertificate(Date notBefore, Date notAfter, String algorithm, int bits) throws CertificateException
      Creates a new instance.
      Parameters:
      notBefore - Certificate is not valid before this time
      notAfter - Certificate is not valid after this time
      algorithm - Key pair algorithm
      bits - the number of bits of the generated private key
      Throws:
      CertificateException

    • SelfSignedCertificate

      public SelfSignedCertificate(String fqdn) throws CertificateException
      Creates a new instance.

      Algorithm: RSA

      Parameters:
      fqdn - a fully qualified domain name
      Throws:
      CertificateException

    • SelfSignedCertificate

      public SelfSignedCertificate(String fqdn, String algorithm, int bits) throws CertificateException
      Creates a new instance.
      Parameters:
      fqdn - a fully qualified domain name
      algorithm - Key pair algorithm
      bits - the number of bits of the generated private key
      Throws:
      CertificateException

    • SelfSignedCertificate

      public SelfSignedCertificate(String fqdn, Date notBefore, Date notAfter) throws CertificateException
      Creates a new instance.

      Algorithm: RSA

      Parameters:
      fqdn - a fully qualified domain name
      notBefore - Certificate is not valid before this time
      notAfter - Certificate is not valid after this time
      Throws:
      CertificateException

    • SelfSignedCertificate

      public SelfSignedCertificate(String fqdn, Date notBefore, Date notAfter, String algorithm, int bits) throws CertificateException
      Creates a new instance.
      Parameters:
      fqdn - a fully qualified domain name
      notBefore - Certificate is not valid before this time
      notAfter - Certificate is not valid after this time
      algorithm - Key pair algorithm
      bits - the number of bits of the generated private key
      Throws:
      CertificateException

    • SelfSignedCertificate

      public SelfSignedCertificate(String fqdn, SecureRandom random, int bits) throws CertificateException
      Creates a new instance.

      Algorithm: RSA

      Parameters:
      fqdn - a fully qualified domain name
      random - the SecureRandom to use
      bits - the number of bits of the generated private key
      Throws:
      CertificateException

    • SelfSignedCertificate

      public SelfSignedCertificate(String fqdn, SecureRandom random, String algorithm, int bits) throws CertificateException
      Creates a new instance.
      Parameters:
      fqdn - a fully qualified domain name
      random - the SecureRandom to use
      algorithm - Key pair algorithm
      bits - the number of bits of the generated private key
      Throws:
      CertificateException

    • SelfSignedCertificate

      public SelfSignedCertificate(String fqdn, SecureRandom random, int bits, Date notBefore, Date notAfter) throws CertificateException
      Creates a new instance.

      Algorithm: RSA

      Parameters:
      fqdn - a fully qualified domain name
      random - the SecureRandom to use
      bits - the number of bits of the generated private key
      notBefore - Certificate is not valid before this time
      notAfter - Certificate is not valid after this time
      Throws:
      CertificateException

    • SelfSignedCertificate

      public SelfSignedCertificate(String fqdn, SecureRandom random, int bits, Date notBefore, Date notAfter, String algorithm) throws CertificateException
      Creates a new instance.
      Parameters:
      fqdn - a fully qualified domain name
      random - the SecureRandom to use
      bits - the number of bits of the generated private key
      notBefore - Certificate is not valid before this time
      notAfter - Certificate is not valid after this time
      algorithm - Key pair algorithm
      Throws:
      CertificateException

  • Method Details

    • certificate

      public File certificate()
      Returns the generated X.509 certificate file in PEM format.

    • privateKey

      public File privateKey()
      Returns the generated EC/RSA private key file in PEM format.

    • cert

      public X509Certificate cert()
      Returns the generated X.509 certificate.

    • key

      public PrivateKey key()
      Returns the generated EC/RSA private key.

    • delete

      public void delete()
      Deletes the generated X.509 certificate file and EC/RSA private key file.