Package org.jenkinsci.plugins.nomad
Class OkHttpClientHelper
- java.lang.Object
-
- org.jenkinsci.plugins.nomad.OkHttpClientHelper
-
public class OkHttpClientHelper extends Object
Class which helps with theOkHttpClientand with the configuration of the transport layer security in particular.
-
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description static KeyManager[]createKeyManagers(String path, String pass)Creates a list of key managers from a given client certificate.static SSLContextcreateSSLContext(KeyManager[] km, TrustManager[] tm)Creates an instance ofSSLContextfrom a given PKCS12 client and server certificate.static TrustManager[]createTrustManagers(String path, String pass)Creates a list of trust managers from a given server certificate.static voidinitTLS(okhttp3.OkHttpClient.Builder builder, String clientCertPath, String clientCertPass, String serverCertPath, String serverCertPass)Initializes the transport layer security for a given OkHttpClient.Builder.
-
-
-
Method Detail
-
initTLS
public static void initTLS(okhttp3.OkHttpClient.Builder builder, String clientCertPath, String clientCertPass, String serverCertPath, String serverCertPass) throws GeneralSecurityException, IOExceptionInitializes the transport layer security for a given OkHttpClient.Builder.- Parameters:
builder- OkHttpClient builder (not null, sslSocketFactory gets initialized)clientCertPath- Path to the PKCS12 client certificate (public and private key) or null (then client auth is disabled)clientCertPass- Password for PKCS12 client certificate (optional)serverCertPath- Path to the PKCS12 server certificate (CA or public key) or null (then the default truststore is used instead)serverCertPass- Password for PKCS12 client certificate (optional)- Throws:
GeneralSecurityException- if the client or server certificate is not validIOException- if the client or server certificate is not readable
-
createSSLContext
public static SSLContext createSSLContext(KeyManager[] km, TrustManager[] tm) throws GeneralSecurityException
Creates an instance ofSSLContextfrom a given PKCS12 client and server certificate.- Returns:
- SSLContext (not null)
- Throws:
GeneralSecurityException- if the ssl context cannot be created
-
createKeyManagers
public static KeyManager[] createKeyManagers(String path, String pass) throws GeneralSecurityException, IOException
Creates a list of key managers from a given client certificate.- Parameters:
path- Path to the PKCS12 client certificate which contains public and private key (optional)pass- Password for PKCS12 client certificate (optional)- Returns:
- list of key managers or null if path is empty
- Throws:
GeneralSecurityException- if the client certificate is not validIOException- if the client certificate is not readable
-
createTrustManagers
public static TrustManager[] createTrustManagers(String path, String pass) throws GeneralSecurityException, IOException
Creates a list of trust managers from a given server certificate. Note: If the path is empty then TLS is enabled but the server certificate is not validated.- Parameters:
path- Path to the PKCS12 server certificate (usually a common authority or a public key or empty).pass- Password for PKCS12 client certificate (optional)- Returns:
- list of trust managers (not null and not empty), when path is empty then the default truststore is returned
- Throws:
GeneralSecurityException- if the server certificate is not validIOException- if the server certificate is not readable
-
-