From d3a10338d643cf04e89e577ba496c547e0bf7516 Mon Sep 17 00:00:00 2001
From: neil_a_wilson <neil_a_wilson@localhost>
Date: Wed, 28 Feb 2007 21:01:32 +0000
Subject: [PATCH] Add a new key manager which provides the ability to specify which certificate should be presented based on its alias (aka its nickname).  This is used both by server-side code which needs to present a certificate to clients, as well as by client-side code which needs to present a certificate to the server.

---
 opends/src/server/org/opends/server/tools/SSLConnectionFactory.java |   10 +++++++++-
 1 files changed, 9 insertions(+), 1 deletions(-)

diff --git a/opends/src/server/org/opends/server/tools/SSLConnectionFactory.java b/opends/src/server/org/opends/server/tools/SSLConnectionFactory.java
index 630ed29..ebdf6eb 100644
--- a/opends/src/server/org/opends/server/tools/SSLConnectionFactory.java
+++ b/opends/src/server/org/opends/server/tools/SSLConnectionFactory.java
@@ -41,6 +41,7 @@
 import javax.net.ssl.TrustManagerFactory;
 
 import org.opends.server.extensions.BlindTrustManagerProvider;
+import org.opends.server.util.SelectableCertificateKeyManager;
 
 import static org.opends.server.messages.ToolMessages.*;
 import static org.opends.server.messages.MessageHandler.*;
@@ -74,6 +75,7 @@
    * @param  keyStorePath        The path to the key store file.
    * @param  keyStorePassword    The PIN to use to access the key store
    *                             contents.
+   * @param  clientAlias         The alias to use for the client certificate.
    * @param  trustStorePath      The path to the trust store file.
    * @param  trustStorePassword  The PIN to use to access the trust store
    *                             contents.
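Review bot: The added `@param clientAlias` line does not say that null is accepted, although the later hunk in init() only wraps the key managers when `clientAlias != null`. Callers reading the Javadoc cannot tell that passing null keeps the previous behaviour, which presumably leaves certificate selection to the default key manager. Suggested wording: `@param  clientAlias  The alias of the client certificate to present, or {@code null} to use the key manager's default selection.` The Javadoc block starts and ends outside this hunk.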
@@ -82,7 +84,7 @@
    *                                  connection factory.
    */
   public void init(boolean trustAll, String keyStorePath,
-                   String keyStorePassword,
+                   String keyStorePassword, String clientAlias,
                    String trustStorePath, String trustStorePassword)
          throws SSLConnectionException
   {
@@ -108,6 +110,12 @@
       {
         keyManagers = getKeyManagers(KeyStore.getDefaultType(), null,
                           keyStorePath, keyStorePassword);
+
+        if (clientAlias != null)
+        {
+          keyManagers = SelectableCertificateKeyManager.wrap(keyManagers,
+                                                             clientAlias);
+        }
       }
 
       ctx.init(keyManagers, trustManagers, new java.security.SecureRandom());
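Review bot: The new `if (clientAlias != null)` guard passes an empty or misspelled alias straight to `SelectableCertificateKeyManager.wrap`, and nothing in this hunk checks that the alias names a key entry in the store loaded from `keyStorePath`. The wrapper's behaviour on a missing alias is not shown here. If it simply finds no match, the client would probably present no certificate, and the problem would surface later as an opaque handshake or bind failure rather than as an `SSLConnectionException` from init(). Consider rejecting a blank alias here, and checking the alias with `KeyStore.isKeyEntry` where the key store is loaded, throwing `SSLConnectionException` with a message that names the alias. The wrap also happens only in the branch that builds key managers, so an alias supplied without a key store path appears to be ignored silently; the enclosing if/else begins outside this hunk, so this should be confirmed against the full method.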

--
Gitblit v1.10.0