Class SelfSignedCertificate


  • public final class SelfSignedCertificate
    extends java.lang.Object
    Generates a temporary self-signed certificate for testing purposes.

    NOTE: Never use the certificate and private key generated by this class in production. It is purely for testing purposes, and thus it is very insecure. It even uses an insecure pseudo-random generator for faster generation internally.

    An X.509 certificate file and an RSA private key file are generated in the system's temporary directory using File.createTempFile(String, String), and they are deleted when the JVM exits using File.deleteOnExit().

    Generation first tries to use OpenJDK's X.509 implementation (the sun.security.x509 package). If that fails, it falls back to Bouncy Castle.
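The following added example (not part of the original documentation or the project's own code) uses the public API listed on this page to generate a certificate, confirm it is self-signed, print its validity window, and delete both files explicitly instead of waiting for JVM exit. The import path io.netty.handler.ssl.util, the class name SelfSignedCertificateFixture and the host name test.example.invalid are assumptions; this page does not state the package.

```java
// Assumed package (Netty); the page itself does not state it.
import io.netty.handler.ssl.util.SelfSignedCertificate;

import java.io.InputStream;
import java.nio.file.Files;
import java.security.SecureRandom;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;

public final class SelfSignedCertificateFixture {   // hypothetical class name
    public static void main(String[] args) throws Exception {
        // Three-argument constructor from this page: the caller supplies the
        // SecureRandom and the key size. The host name is a constructed value.
        SelfSignedCertificate ssc =
                new SelfSignedCertificate("test.example.invalid", new SecureRandom(), 2048);
        try {
            // certificate() returns a PEM file, which the JDK's
            // CertificateFactory parses directly.
            X509Certificate cert;
            try (InputStream in = Files.newInputStream(ssc.certificate().toPath())) {
                cert = (X509Certificate) CertificateFactory.getInstance("X.509")
                        .generateCertificate(in);
            }

            // Self-signed: issuer equals subject, and the signature verifies
            // under the certificate's own public key (verify() throws if not).
            if (!cert.getIssuerX500Principal().equals(cert.getSubjectX500Principal())) {
                throw new AssertionError("issuer and subject differ");
            }
            cert.verify(cert.getPublicKey());

            // Validity window set from NOT_BEFORE and NOT_AFTER. A certificate
            // that expires in year 9999 is one reason this is test-only.
            System.out.println("subject:    " + cert.getSubjectX500Principal());
            System.out.println("not before: " + cert.getNotBefore());
            System.out.println("not after:  " + cert.getNotAfter());
            System.out.println("key file:   " + ssc.privateKey());
        } finally {
            // Remove the private key from the temporary directory as soon as
            // the test is done rather than relying on File.deleteOnExit().
            ssc.delete();
        }
        if (ssc.certificate().exists() || ssc.privateKey().exists()) {
            throw new AssertionError("temporary files were not deleted");
        }
    }
}
```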

    • Field Summary

      Fields 
      Modifier and Type Field Description
      private java.io.File certificate  
      private static InternalLogger logger  
      (package private) static java.util.Date NOT_AFTER
      The maximum possible value in the X.509 specification: 9999-12-31 23:59:59
      (package private) static java.util.Date NOT_BEFORE
      Current time minus 1 year, in case the software clock goes back due to time synchronization
      private java.io.File privateKey  
    • Method Summary

      Modifier and Type Method Description
      java.io.File certificate()
      Returns the generated X.509 certificate file in PEM format.
      void delete()
      Deletes the generated X.509 certificate file and RSA private key file.
      (package private) static java.lang.String[] newSelfSignedCertificate(java.lang.String fqdn, java.security.PrivateKey key, java.security.cert.X509Certificate cert)
      java.io.File privateKey()
      Returns the generated RSA private key file in PEM format.
      private static void safeClose(java.io.File keyFile, java.io.OutputStream keyOut)
      private static void safeDelete(java.io.File certFile)
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Field Detail

      • NOT_BEFORE

        static final java.util.Date NOT_BEFORE
        Current time minus 1 year, in case the software clock goes back due to time synchronization
      • NOT_AFTER

        static final java.util.Date NOT_AFTER
        The maximum possible value in the X.509 specification: 9999-12-31 23:59:59
      • certificate

        private final java.io.File certificate
      • privateKey

        private final java.io.File privateKey
    • Constructor Detail

      • SelfSignedCertificate

        public SelfSignedCertificate()
                              throws java.security.cert.CertificateException
        Creates a new instance.
        Throws:
        java.security.cert.CertificateException
      • SelfSignedCertificate

        public SelfSignedCertificate(java.lang.String fqdn)
                              throws java.security.cert.CertificateException
        Creates a new instance.
        Parameters:
        fqdn - a fully qualified domain name
        Throws:
        java.security.cert.CertificateException
      • SelfSignedCertificate

        public SelfSignedCertificate(java.lang.String fqdn,
                                     java.security.SecureRandom random,
                                     int bits)
                              throws java.security.cert.CertificateException
        Creates a new instance.
        Parameters:
        fqdn - a fully qualified domain name
        random - the SecureRandom to use
        bits - the number of bits of the generated private key
        Throws:
        java.security.cert.CertificateException
    • Method Detail

      • certificate

        public java.io.File certificate()
        Returns the generated X.509 certificate file in PEM format.
      • privateKey

        public java.io.File privateKey()
        Returns the generated RSA private key file in PEM format.
      • delete

        public void delete()
        Deletes the generated X.509 certificate file and RSA private key file.
      • newSelfSignedCertificate

        static java.lang.String[] newSelfSignedCertificate(java.lang.String fqdn,
                                                           java.security.PrivateKey key,
                                                           java.security.cert.X509Certificate cert)
                                                    throws java.io.IOException,
                                                           java.security.cert.CertificateEncodingException
        Throws:
        java.io.IOException
        java.security.cert.CertificateEncodingException
      • safeDelete

        private static void safeDelete(java.io.File certFile)
      • safeClose

        private static void safeClose(java.io.File keyFile,
                                      java.io.OutputStream keyOut)