KeytoolSelfSignedCertGenerator Class — netty Architecture

Architecture documentation for the KeytoolSelfSignedCertGenerator class in KeytoolSelfSignedCertGenerator.java from the netty codebase.

Dependency Diagram

graph TD
  7d93c1db_41b2_7d8c_513d_ce103edd9897["KeytoolSelfSignedCertGenerator"]
  8154e234_2b0f_c431_7fe3_902c762ee7ce["KeytoolSelfSignedCertGenerator.java"]
  7d93c1db_41b2_7d8c_513d_ce103edd9897 -->|defined in| 8154e234_2b0f_c431_7fe3_902c762ee7ce
  b103cbae_443c_f51f_1a2c_ce7a6aec4a71["KeytoolSelfSignedCertGenerator()"]
  7d93c1db_41b2_7d8c_513d_ce103edd9897 -->|method| b103cbae_443c_f51f_1a2c_ce7a6aec4a71
  ba2549e7_0a7e_ccce_5b9d_9171b7328133["isAvailable()"]
  7d93c1db_41b2_7d8c_513d_ce103edd9897 -->|method| ba2549e7_0a7e_ccce_5b9d_9171b7328133
  1736d790_bdb1_a678_100c_8a59bd8956c1["generate()"]
  7d93c1db_41b2_7d8c_513d_ce103edd9897 -->|method| 1736d790_bdb1_a678_100c_8a59bd8956c1

Source Code

handler/src/main/java/io/netty/handler/ssl/util/KeytoolSelfSignedCertGenerator.java lines 42–142

final class KeytoolSelfSignedCertGenerator {
    private static final DateTimeFormatter DATE_FORMAT =
            DateTimeFormatter.ofPattern("yyyy/MM/dd HH:mm:ss", Locale.ROOT);
    private static final String ALIAS = "alias";
    private static final String PASSWORD = "insecurepassword";
    private static final Path KEYTOOL;
    private static final String KEY_STORE_TYPE;

    static {
        String home = System.getProperty("java.home");
        if (home == null) {
            KEYTOOL = null;
        } else {
            Path likely = Paths.get(home).resolve("bin").resolve("keytool");
            if (Files.exists(likely)) {
                KEYTOOL = likely;
            } else {
                KEYTOOL = null;
            }
        }
        // Java < 11 does not support encryption for PKCS#12: JDK-8220734
        // For 11+, we prefer PKCS#12 for FIPS compliance
        KEY_STORE_TYPE = PlatformDependent.javaVersion() >= 11 ? "PKCS12" : "JKS";
    }

    private KeytoolSelfSignedCertGenerator() {
    }

    static boolean isAvailable() {
        return KEYTOOL != null;
    }

    static void generate(SelfSignedCertificate.Builder builder) throws IOException, GeneralSecurityException {
        // Replace every character other than letters, digits, '_', '.' and '-' with 'x' for file name safety.
        String dirFqdn = builder.fqdn.replaceAll("[^\\w.-]", "x");

        Path directory = Files.createTempDirectory("keytool_" + dirFqdn);
        Path keyStore = directory.resolve("keystore.jks");
        try {
            Process process = new ProcessBuilder()
                    .command(
                            KEYTOOL.toAbsolutePath().toString(),
                            "-genkeypair",
                            "-keyalg", builder.algorithm,
                            "-keysize", String.valueOf(builder.bits),
                            "-startdate", DATE_FORMAT.format(
                                    builder.notBefore.toInstant().atZone(ZoneId.systemDefault())),
                            "-validity", String.valueOf(builder.notBefore.toInstant().until(
                                    builder.notAfter.toInstant(), ChronoUnit.DAYS)),
                            "-keystore", keyStore.toString(),
                            "-alias", ALIAS,
                            "-keypass", PASSWORD,
                            "-storepass", PASSWORD,
                            "-dname", "CN=" + builder.fqdn,
                            "-storetype", KEY_STORE_TYPE
                    )
                    .redirectErrorStream(true)
                    .start();
            try {
                if (!process.waitFor(60, TimeUnit.SECONDS)) {
                    process.destroyForcibly();
                    throw new IOException("keytool timeout");
                }
            } catch (InterruptedException e) {
                process.destroyForcibly();
                Thread.currentThread().interrupt();
                throw new InterruptedIOException();
            }

            if (process.exitValue() != 0) {
                ByteBuf buffer = Unpooled.buffer();
                try {
                    try (InputStream stream = process.getInputStream()) {
                        while (true) {
                            if (buffer.writeBytes(stream, 4096) == -1) {
                                break;
                            }
                        }
                    }
                    String log = buffer.toString(StandardCharsets.UTF_8);
                    throw new IOException("Keytool exited with status " + process.exitValue() + ": " + log);

Frequently Asked Questions

What is the KeytoolSelfSignedCertGenerator class?
KeytoolSelfSignedCertGenerator is a class in the netty codebase, defined in handler/src/main/java/io/netty/handler/ssl/util/KeytoolSelfSignedCertGenerator.java.

Where is KeytoolSelfSignedCertGenerator defined?
KeytoolSelfSignedCertGenerator is defined in handler/src/main/java/io/netty/handler/ssl/util/KeytoolSelfSignedCertGenerator.java at line 42.
