Example 1 with ConnectionType

Use of org.jivesoftware.openfire.spi.ConnectionType in project Openfire by igniterealtime.

Class CertificateStoreManager, method initialize.

@Override
public synchronized void initialize(XMPPServer server) {
    super.initialize(server);
    for (ConnectionType type : ConnectionType.values()) {
        try {
            Log.debug("(identity store for connection type '{}') Initializing store...", type);
            final CertificateStoreConfiguration identityStoreConfiguration = getIdentityStoreConfiguration(type);
            if (!identityStores.containsKey(identityStoreConfiguration)) {
                final IdentityStore store = new IdentityStore(identityStoreConfiguration, false);
                identityStores.put(identityStoreConfiguration, store);
            }
            typeToIdentityStore.put(type, identityStoreConfiguration);
        } catch (CertificateStoreConfigException | IOException e) {
            Log.warn("(identity store for connection type '{}') Unable to instantiate store ", type, e);
        }
        try {
            Log.debug("(trust store for connection type '{}') Initializing store...", type);
            final CertificateStoreConfiguration trustStoreConfiguration = getTrustStoreConfiguration(type);
            if (!trustStores.containsKey(trustStoreConfiguration)) {
                final TrustStore store = new TrustStore(trustStoreConfiguration, false);
                trustStores.put(trustStoreConfiguration, store);
            }
            typeToTrustStore.put(type, trustStoreConfiguration);
        } catch (CertificateStoreConfigException | IOException e) {
            Log.warn("(trust store for connection type '{}') Unable to instantiate store ", type, e);
        }
    }
}
Also used: ConnectionType (org.jivesoftware.openfire.spi.ConnectionType), IOException (java.io.IOException)

Example 2 with ConnectionType

Use of org.jivesoftware.openfire.spi.ConnectionType in project Openfire by igniterealtime.

Class SASLAuthentication, method verifyCertificates.

public static boolean verifyCertificates(Certificate[] chain, String hostname, boolean isS2S) {
    final CertificateStoreManager certificateStoreManager = XMPPServer.getInstance().getCertificateStoreManager();
    final ConnectionType connectionType = isS2S ? ConnectionType.SOCKET_S2S : ConnectionType.SOCKET_C2S;
    final KeyStore keyStore = certificateStoreManager.getIdentityStore(connectionType).getStore();
    final KeyStore trustStore = certificateStoreManager.getTrustStore(connectionType).getStore();
    final X509Certificate trusted = CertificateManager.getEndEntityCertificate(chain, keyStore, trustStore);
    if (trusted != null) {
        return verifyCertificate(trusted, hostname);
    }
    return false;
}
Also used: ConnectionType (org.jivesoftware.openfire.spi.ConnectionType), CertificateStoreManager (org.jivesoftware.openfire.keystore.CertificateStoreManager), KeyStore (java.security.KeyStore), X509Certificate (java.security.cert.X509Certificate)

Aggregations

ConnectionType (org.jivesoftware.openfire.spi.ConnectionType): 2
IOException (java.io.IOException): 1
KeyStore (java.security.KeyStore): 1
X509Certificate (java.security.cert.X509Certificate): 1
CertificateStoreManager (org.jivesoftware.openfire.keystore.CertificateStoreManager): 1