Module io.netty5.handler
Package io.netty5.handler.ssl.util

Class SelfSignedCertificate

  • public final class SelfSignedCertificate
extends Object
    Generates a temporary self-signed certificate for testing purposes.

    NOTE: Never use the certificate and private key generated by this class in production. It is purely for testing purposes, and thus it is very insecure. It even uses an insecure pseudo-random generator for faster generation internally.

    An X.509 certificate file and a EC/RSA private key file are generated in a system's temporary directory using File.createTempFile(String, String), and they are deleted when the JVM exits using File.deleteOnExit().

    The certificate is generated using Bouncy Castle, which is an optional dependency of Netty.

    • Constructor Detail

      • SelfSignedCertificate

        public SelfSignedCertificate​(Date notBefore,
                             Date notAfter)
                      throws CertificateException
        Creates a new instance.

        Algorithm: RSA

        Parameters:
        notBefore - Certificate is not valid before this time
        notAfter - Certificate is not valid after this time
        Throws:
        CertificateException

      • SelfSignedCertificate

        public SelfSignedCertificate​(Date notBefore,
                             Date notAfter,
                             String algorithm,
                             int bits)
                      throws CertificateException
        Creates a new instance.
        Parameters:
        notBefore - Certificate is not valid before this time
        notAfter - Certificate is not valid after this time
        algorithm - Key pair algorithm
        bits - the number of bits of the generated private key
        Throws:
        CertificateException

      • SelfSignedCertificate

        public SelfSignedCertificate​(String fqdn,
                             String algorithm,
                             int bits)
                      throws CertificateException
        Creates a new instance.
        Parameters:
        fqdn - a fully qualified domain name
        algorithm - Key pair algorithm
        bits - the number of bits of the generated private key
        Throws:
        CertificateException

      • SelfSignedCertificate

        public SelfSignedCertificate​(String fqdn,
                             Date notBefore,
                             Date notAfter)
                      throws CertificateException
        Creates a new instance.

        Algorithm: RSA

        Parameters:
        fqdn - a fully qualified domain name
        notBefore - Certificate is not valid before this time
        notAfter - Certificate is not valid after this time
        Throws:
        CertificateException

      • SelfSignedCertificate

        public SelfSignedCertificate​(String fqdn,
                             Date notBefore,
                             Date notAfter,
                             String algorithm,
                             int bits)
                      throws CertificateException
        Creates a new instance.
        Parameters:
        fqdn - a fully qualified domain name
        notBefore - Certificate is not valid before this time
        notAfter - Certificate is not valid after this time
        algorithm - Key pair algorithm
        bits - the number of bits of the generated private key
        Throws:
        CertificateException

      • SelfSignedCertificate

        public SelfSignedCertificate​(String fqdn,
                             SecureRandom random,
                             int bits,
                             Date notBefore,
                             Date notAfter)
                      throws CertificateException
        Creates a new instance.

        Algorithm: RSA

        Parameters:
        fqdn - a fully qualified domain name
        random - the SecureRandom to use
        bits - the number of bits of the generated private key
        notBefore - Certificate is not valid before this time
        notAfter - Certificate is not valid after this time
        Throws:
        CertificateException

      • SelfSignedCertificate

        public SelfSignedCertificate​(String fqdn,
                             SecureRandom random,
                             int bits,
                             Date notBefore,
                             Date notAfter,
                             String algorithm)
                      throws CertificateException
        Creates a new instance.
        Parameters:
        fqdn - a fully qualified domain name
        random - the SecureRandom to use
        bits - the number of bits of the generated private key
        notBefore - Certificate is not valid before this time
        notAfter - Certificate is not valid after this time
        algorithm - Key pair algorithm
        Throws:
        CertificateException

    • Method Detail

      • certificate

        public File certificate()
        Returns the generated X.509 certificate file in PEM format.

      • privateKey

        public File privateKey()
        Returns the generated EC/RSA private key file in PEM format.

      • cert

        public X509Certificate cert()
        Returns the generated X.509 certificate.

      • key

        public PrivateKey key()
        Returns the generated EC/RSA private key.

      • delete

        public void delete()
        Deletes the generated X.509 certificate file and EC/RSA private key file.