Package org.openstreetmap.josm.io
Class CertificateAmendment
- java.lang.Object
-
- org.openstreetmap.josm.io.CertificateAmendment
-
public final class CertificateAmendment extends java.lang.Object
Class to add missing root certificates to the list of trusted certificates for TLS connections. The added certificates are deemed trustworthy by the main web browsers and operating systems, but not included in some distributions of Java. The certificates are added in-memory at each start, nothing is written to disk.- Since:
- 9995
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static classCertificateAmendment.CertAmendA certificate amendment.static classCertificateAmendment.EmbeddedCertAmendAn embedded certificate amendment.static classCertificateAmendment.NativeCertAmendA certificate amendment relying on native platform certificate store.
-
Field Summary
Fields Modifier and Type Field Description private static CertificateAmendment.EmbeddedCertAmend[]CERT_AMENDCertificates embedded in JOSMprivate static CertificateAmendment.NativeCertAmend[]PLATFORM_CERT_AMENDCertificates looked into platform native keystore and not embedded in JOSM.
-
Constructor Summary
Constructors Modifier Constructor Description privateCertificateAmendment()
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description static voidaddMissingCertificates()Add missing root certificates to the list of trusted certificates for TLS connections.private static booleancertificateIsMissing(java.security.KeyStore keyStore, java.security.cert.X509Certificate crt)Check if the certificate is missing and needs to be added to the keystore.private static booleancheckAndAddCertificate(java.security.MessageDigest md, java.security.cert.X509Certificate cert, CertificateAmendment.CertAmend certAmend, java.security.KeyStore keyStore)
-
-
-
Field Detail
-
CERT_AMEND
private static final CertificateAmendment.EmbeddedCertAmend[] CERT_AMEND
Certificates embedded in JOSM
-
PLATFORM_CERT_AMEND
private static final CertificateAmendment.NativeCertAmend[] PLATFORM_CERT_AMEND
Certificates looked into platform native keystore and not embedded in JOSM. Identifiers must match Windows/macOS keystore aliases and Unix filenames for efficient search. To find correct values, see:
-
-
Constructor Detail
-
CertificateAmendment
private CertificateAmendment()
-
-
Method Detail
-
addMissingCertificates
public static void addMissingCertificates() throws java.io.IOException, java.security.GeneralSecurityException
Add missing root certificates to the list of trusted certificates for TLS connections.- Throws:
java.io.IOException- if an I/O error occursjava.security.GeneralSecurityException- if a security error occurs
-
checkAndAddCertificate
private static boolean checkAndAddCertificate(java.security.MessageDigest md, java.security.cert.X509Certificate cert, CertificateAmendment.CertAmend certAmend, java.security.KeyStore keyStore) throws java.security.cert.CertificateEncodingException, java.security.KeyStoreException, java.security.InvalidAlgorithmParameterException
- Throws:
java.security.cert.CertificateEncodingExceptionjava.security.KeyStoreExceptionjava.security.InvalidAlgorithmParameterException
-
certificateIsMissing
private static boolean certificateIsMissing(java.security.KeyStore keyStore, java.security.cert.X509Certificate crt) throws java.security.KeyStoreException, java.security.InvalidAlgorithmParameterException
Check if the certificate is missing and needs to be added to the keystore.- Parameters:
keyStore- the keystorecrt- the certificate- Returns:
- true, if the certificate is not contained in the keystore
- Throws:
java.security.InvalidAlgorithmParameterException- if the keystore does not contain at least one trusted certificate entryjava.security.KeyStoreException- if the keystore has not been initialized
-
-