Skip navigation links

Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
Oracle Fusion Middleware MBeans Java API Reference for Oracle Platform Security Services
11g Release 1 (11.1.1)
E14651-06
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

oracle.security.jps.mas.mgmt.jmx.keystore
Interface JpsKeyStoreMXBean

All Known Implementing Classes:
JpsKeyStoreBeanImpl
@Description(resourceKey="oracle.security.jps.management.JpsKeyStoreMXBean.description",
             resourceBundleBasename="oracle_security_jps_mas_mgmt_util_JpsManagementMessages")
@ImmutableInfo(value="true")
@Visibility(value=Advanced)
@SystemMBean
@MBeanRequiredGlobalSecurityRole(value=Admin)
public interface JpsKeyStoreMXBean

This interface defines the operations for KeyStore management complying to JMX standards

Field Summary
static java.lang.String RBN
           

 

Method Summary
 void changeKeyPassword(java.lang.String stripeName, java.lang.String keystoreName, char[] keystorePassword, java.lang.String alias, char[] currentKeyPassword, char[] newKeyPassword)
          Changes the key password for a secret key or key pair entry
 void changeKeyStorePassword(java.lang.String stripeName, java.lang.String keystoreName, char[] currentKeyStorePassword, char[] newKeyStorePassword)
          Changes the password of a password protected keystore.
 void createDemoCASignedCertificate(java.lang.String stripeName, java.lang.String keystoreName, char[] keystorePassword, java.lang.String DN, PortableMap keyProps, java.lang.String alias, char[] keyPassword)
          Generates a key pair and wraps it in a demo CA signed certificate
 void createKeyStore(java.lang.String stripeName, java.lang.String keystoreName, char[] keystorePassword, boolean isPermissionProtected)
          This method creates a new key store.
 void deleteKeyStore(java.lang.String stripeName, java.lang.String keystoreName, char[] keystorePassword)
          This method deletes an existing key store
 void deleteKeyStoreEntry(java.lang.String stripeName, java.lang.String keystoreName, char[] keystorePassword, java.lang.String alias, char[] keyPassword)
          Deletes a given entry from the key store
 java.lang.String exportCertificateRequest(java.lang.String stripeName, java.lang.String keystoreName, char[] keystorePassword, java.lang.String alias, char[] keyPassword)
          Generates a PKCS#10 certificate request and exports it from a keystore
 java.lang.String exportCertificates(java.lang.String stripeName, java.lang.String keystoreName, char[] keystorePassword, java.lang.String alias, char[] keyPassword, java.lang.String keystoreEntryType)
          Exports the certificate, certificate chain or trusted certificate in base64 format
 byte[] exportKeyStore(java.lang.String stripeName, java.lang.String keystoreName, char[] keystorePassword, java.lang.String keyAliases, java.lang.String keyPasswords, java.lang.String keystoreType)
          Exports the keystore into a byte array
 void generateSecretKey(java.lang.String stripeName, java.lang.String keystoreName, char[] keystorePassword, PortableMap keyProps, java.lang.String alias, char[] keyPassword)
          Generates a secret key
 java.security.cert.X509Certificate[] getCertificates(java.lang.String stripeName, java.lang.String keystoreName, char[] keystorePassword, java.lang.String alias, char[] keyPassword)
          Returns the certificate, certificate chain or trusted certificate for a given alias
 boolean getFarmKeyStoreConfigured()
          This method returns true if KeyStoreService is configured.
 PortableMap getKeyStoreProperties(java.lang.String stripeName, java.lang.String keystoreName)
          helper method for EM to list a given keystore properties without specifying its password
 java.util.Map<java.lang.String,java.lang.String> getProperties()
          This method returns the configured properties for this service instance
 java.util.ArrayList<java.lang.String> getSecretKeyProperties(java.lang.String stripeName, java.lang.String keystoreName, char[] keystorePassword, java.lang.String alias, char[] keyPassword)
          Returns the properties of the secret key, like key algorithm
 int[] getSupportedKeySize(java.lang.String algorithm)
          Helper method for EM to list the supported key sizes for a given key algorithm
 void importCertificates(java.lang.String stripeName, java.lang.String keystoreName, char[] keystorePassword, java.lang.String alias, char[] keyPassword, java.lang.String keystoreEntryType, java.lang.String keystoreEntry)
          Imports a certificate, certificate chain or trusted certificate into a keystore
 void importKeyStore(java.lang.String stripeName, java.lang.String keystoreName, char[] keystorePassword, java.lang.String keyAliases, java.lang.String keyPasswords, java.lang.String keystoreType, byte[] keystore, boolean isPermissionProtected)
          imports a keystore into keystore service
 boolean isPasswordValid(char[] password)
          Helper method for EM to check if a given password is valid
 java.lang.String[] listAliases(java.lang.String stripeName, java.lang.String keystoreName, char[] keystorePassword, java.lang.String keystoreEntryType)
          Lists the aliases present in a given key store
 java.util.ArrayList<java.util.ArrayList<java.lang.String>> listExpiringCertificates(int numberOfDaysFromExpiration, boolean autoRenew)
          Lists the certificates that are going to expire in the next "n" days.
 java.lang.String[] listKeyStores(java.lang.String stripeName)
          This method lists the keystores present within a given application stripe in the format <keystore>.

 

Field Detail

RBN

static final java.lang.String RBN
See Also:
Constant Field Values

Method Detail

getProperties

@Description(resourceKey="oracle.security.jps.management.JpsKeyStoreMXBean.getProperties",
             resourceBundleBasename="oracle_security_jps_mas_mgmt_util_JpsManagementMessages")
@Impact(value=0)
java.util.Map<java.lang.String,java.lang.String> getProperties()
This method returns the configured properties for this service instance
Returns:
The properties

getFarmKeyStoreConfigured

@Description(resourceKey="oracle.security.jps.management.JpsKeyStoreMXBean.getFKSConfigured",
             resourceBundleBasename="oracle_security_jps_mas_mgmt_util_JpsManagementMessages")
@Impact(value=0)
boolean getFarmKeyStoreConfigured()
This method returns true if KeyStoreService is configured. It returns false if it is legacy keystore service without key management functionality
Returns:

createKeyStore

@Description(resourceKey="oracle.security.jps.management.JpsKeyStoreMXBean.createKeyStore",
             resourceBundleBasename="oracle_security_jps_mas_mgmt_util_JpsManagementMessages")
@Impact(value=1)
void createKeyStore(java.lang.String stripeName,
                                       java.lang.String keystoreName,
                                       char[] keystorePassword,
                                       boolean isPermissionProtected)
                    throws oracle.as.jmx.framework.exceptions.ManagementException
This method creates a new key store.
Parameters:
stripeName - application stripe where keystore is created
keystoreName - name of the keystore created
keystorePassword - password of the key store. This is used only if the parameter isPermissionProtected is set to false.
isPermissionProtected - true if the keystore is permission protected only. false, if the keystore is protected by both permission and password
Throws:
oracle.as.jmx.framework.exceptions.ManagementException

deleteKeyStore

@Description(resourceKey="oracle.security.jps.management.JpsKeyStoreMXBean.deleteKeyStore",
             resourceBundleBasename="oracle_security_jps_mas_mgmt_util_JpsManagementMessages")
@Impact(value=1)
void deleteKeyStore(java.lang.String stripeName,
                                       java.lang.String keystoreName,
                                       char[] keystorePassword)
                    throws oracle.as.jmx.framework.exceptions.ManagementException
This method deletes an existing key store
Parameters:
stripeName - application stripe where keystore is deleted
keystoreName - name of the keystore being deleted
keystorePassword - password of the keystore being deleted. This parameter is ignored if the keystore is permission protected only.
Throws:
oracle.as.jmx.framework.exceptions.ManagementException

listKeyStores

@Description(resourceKey="oracle.security.jps.management.JpsKeyStoreMXBean.listKeyStores",
             resourceBundleBasename="oracle_security_jps_mas_mgmt_util_JpsManagementMessages")
@Impact(value=0)
java.lang.String[] listKeyStores(java.lang.String stripeName)
                                 throws oracle.as.jmx.framework.exceptions.ManagementException
This method lists the keystores present within a given application stripe in the format <keystore>. If a wild card "*" is used in the stripe name, all keystores present under all application stripes are returned in the format <stripe>/<keystore>
Parameters:
stripeName - application stripe whose keystores need to be listed. Can be a wild card "*"
Returns:
An array of keystore names if stripe name is explicitly provided. If a wild card is used, it lists both stripe name and keystore name in the format <stripe>/<keystore>
Throws:
oracle.as.jmx.framework.exceptions.ManagementException

changeKeyStorePassword

@Description(resourceKey="oracle.security.jps.management.JpsKeyStoreMXBean.changeKeyStorePassword",
             resourceBundleBasename="oracle_security_jps_mas_mgmt_util_JpsManagementMessages")
@Impact(value=1)
void changeKeyStorePassword(java.lang.String stripeName,
                                               java.lang.String keystoreName,
                                               char[] currentKeyStorePassword,
                                               char[] newKeyStorePassword)
                            throws oracle.as.jmx.framework.exceptions.ManagementException
Changes the password of a password protected keystore. If the keystore is only permission protected, this is a no-op.
Parameters:
stripeName - application stripe of the keystore whose password is changed
keystoreName - name of the keystore
currentKeyStorePassword - current keystore password
newKeyStorePassword - new keystore password
Throws:
oracle.as.jmx.framework.exceptions.ManagementException

exportKeyStore

@Description(resourceKey="oracle.security.jps.management.JpsKeyStoreMXBean.exportKeyStore",
             resourceBundleBasename="oracle_security_jps_mas_mgmt_util_JpsManagementMessages")
@Impact(value=0)
byte[] exportKeyStore(java.lang.String stripeName,
                                         java.lang.String keystoreName,
                                         char[] keystorePassword,
                                         java.lang.String keyAliases,
                                         java.lang.String keyPasswords,
                                         java.lang.String keystoreType)
                      throws oracle.as.jmx.framework.exceptions.ManagementException
Exports the keystore into a byte array
Parameters:
stripeName - application stripe of the keystore being exported
keystoreName - name of the keystore
keystorePassword - keystore password
keyAliases - comma separated list of aliases to be exported
keyPasswords - comma separated passwords corresponding to the aliases
keystoreType - format in which keystore needs to be exported. The supported types are JKS and JCEKS
Returns:
byte array representing the exported keystore
Throws:
oracle.as.jmx.framework.exceptions.ManagementException

importKeyStore

@Description(resourceKey="oracle.security.jps.management.JpsKeyStoreMXBean.importKeyStore",
             resourceBundleBasename="oracle_security_jps_mas_mgmt_util_JpsManagementMessages")
@Impact(value=1)
void importKeyStore(java.lang.String stripeName,
                                       java.lang.String keystoreName,
                                       char[] keystorePassword,
                                       java.lang.String keyAliases,
                                       java.lang.String keyPasswords,
                                       java.lang.String keystoreType,
                                       byte[] keystore,
                                       boolean isPermissionProtected)
                    throws oracle.as.jmx.framework.exceptions.ManagementException
imports a keystore into keystore service
Parameters:
stripeName - application stripe of the keystore to which import should happen
keystoreName - name of the keystore
keystorePassword - password of the keystore being imported. Also represents the password of the imported keystore in KSS
keyAliases - comma separated list of aliases from the keystore being imported
keyPasswords - comma separated list of passwords corresponding to key aliases
keystoreType - type of keystore being imported, supported values are JKS and JCEKS
keystore - byte array representing the keystore being imported
isPermissionProtected - if the keystore being imported to, is permission protected only
Throws:
oracle.as.jmx.framework.exceptions.ManagementException

createDemoCASignedCertificate

@Description(resourceKey="oracle.security.jps.management.JpsKeyStoreMXBean.createDemoCASignedCertificate",
             resourceBundleBasename="oracle_security_jps_mas_mgmt_util_JpsManagementMessages")
@Impact(value=1)
void createDemoCASignedCertificate(java.lang.String stripeName,
                                                      java.lang.String keystoreName,
                                                      char[] keystorePassword,
                                                      java.lang.String DN,
                                                      PortableMap keyProps,
                                                      java.lang.String alias,
                                                      char[] keyPassword)
                                   throws oracle.as.jmx.framework.exceptions.ManagementException
Generates a key pair and wraps it in a demo CA signed certificate
Parameters:
stripeName - application stripe where key pair is generated
keystoreName - name of the keystore
keystorePassword - password of the keystore. if it is permission protected only, the parameter is ignored
DN - distinguished name of the certificate
keyProps - properties representing information about the key pair, like key size and algorithm
alias - alias of the key pair
keyPassword - password of the key pair. this parameter is unused for keystore that is permission protected only
Throws:
oracle.as.jmx.framework.exceptions.ManagementException

generateSecretKey

@Description(resourceKey="oracle.security.jps.management.JpsKeyStoreMXBean.generateSecretKey",
             resourceBundleBasename="oracle_security_jps_mas_mgmt_util_JpsManagementMessages")
@Impact(value=1)
void generateSecretKey(java.lang.String stripeName,
                                          java.lang.String keystoreName,
                                          char[] keystorePassword,
                                          PortableMap keyProps,
                                          java.lang.String alias,
                                          char[] keyPassword)
                       throws oracle.as.jmx.framework.exceptions.ManagementException
Generates a secret key
Parameters:
stripeName - application stripe where secret key is to be generated
keystoreName - name of the keystore
keystorePassword - keystore password, if the keystore is also password protected. The parameter is ignored if it is only permission protected
keyProps - properties representing information about the secret key, like key size and algorithm
alias - alias of the secret key
keyPassword - password of the key
Throws:
oracle.as.jmx.framework.exceptions.ManagementException

changeKeyPassword

@Description(resourceKey="oracle.security.jps.management.JpsKeyStoreMXBean.changeKeyPassword",
             resourceBundleBasename="oracle_security_jps_mas_mgmt_util_JpsManagementMessages")
@Impact(value=1)
void changeKeyPassword(java.lang.String stripeName,
                                          java.lang.String keystoreName,
                                          char[] keystorePassword,
                                          java.lang.String alias,
                                          char[] currentKeyPassword,
                                          char[] newKeyPassword)
                       throws oracle.as.jmx.framework.exceptions.ManagementException
Changes the key password for a secret key or key pair entry
Parameters:
stripeName - application stripe
keystoreName - keystore name
keystorePassword - password of the keystore, ignored for only permission protected keystores
alias - alias of the key entry
currentKeyPassword - current key password
newKeyPassword - new key password
Throws:
oracle.as.jmx.framework.exceptions.ManagementException

listAliases

@Description(resourceKey="oracle.security.jps.management.JpsKeyStoreMXBean.listAliases",
             resourceBundleBasename="oracle_security_jps_mas_mgmt_util_JpsManagementMessages")
@Impact(value=0)
java.lang.String[] listAliases(java.lang.String stripeName,
                                                  java.lang.String keystoreName,
                                                  char[] keystorePassword,
                                                  java.lang.String keystoreEntryType)
                               throws oracle.as.jmx.framework.exceptions.ManagementException
Lists the aliases present in a given key store
Parameters:
stripeName - application stripe
keystoreName - keystore name
keystorePassword - password of the keystore
keystoreEntryType - type of entry to be listed. Valid values are "Certificate", "TrustedCertificate", "SecretKey" or "*" for all types
Returns:
An array of alias values
Throws:
oracle.as.jmx.framework.exceptions.ManagementException

getCertificates

@Description(resourceKey="oracle.security.jps.management.JpsKeyStoreMXBean.getCertificates",
             resourceBundleBasename="oracle_security_jps_mas_mgmt_util_JpsManagementMessages")
@Impact(value=0)
java.security.cert.X509Certificate[] getCertificates(java.lang.String stripeName,
                                                                        java.lang.String keystoreName,
                                                                        char[] keystorePassword,
                                                                        java.lang.String alias,
                                                                        char[] keyPassword)
                                                     throws oracle.as.jmx.framework.exceptions.ManagementException
Returns the certificate, certificate chain or trusted certificate for a given alias
Parameters:
stripeName - application stripe
keystoreName - name of the keystore
keystorePassword - password of the key store
alias - alias whose certificate needs to be exported
keyPassword - this parameter is not used
Returns:
returns an array of certificates
Throws:
oracle.as.jmx.framework.exceptions.ManagementException

getSecretKeyProperties

@Description(resourceKey="oracle.security.jps.management.JpsKeyStoreMXBean.getSecretKey",
             resourceBundleBasename="oracle_security_jps_mas_mgmt_util_JpsManagementMessages")
@Impact(value=0)
java.util.ArrayList<java.lang.String> getSecretKeyProperties(java.lang.String stripeName,
                                                                                java.lang.String keystoreName,
                                                                                char[] keystorePassword,
                                                                                java.lang.String alias,
                                                                                char[] keyPassword)
                                                             throws oracle.as.jmx.framework.exceptions.ManagementException
Returns the properties of the secret key, like key algorithm
Parameters:
stripeName - application stripe
keystoreName - name of the keystore
keystorePassword - keystore password, ignored for keystores that are only permission protected
alias - alias of the secret key entry
keyPassword - password of the scret key
Returns:
a list of secret key properties, currently includes algorithm name
Throws:
oracle.as.jmx.framework.exceptions.ManagementException

exportCertificateRequest

@Description(resourceKey="oracle.security.jps.management.JpsKeyStoreMXBean.exportCertificateRequest",
             resourceBundleBasename="oracle_security_jps_mas_mgmt_util_JpsManagementMessages")
@Impact(value=0)
java.lang.String exportCertificateRequest(java.lang.String stripeName,
                                                             java.lang.String keystoreName,
                                                             char[] keystorePassword,
                                                             java.lang.String alias,
                                                             char[] keyPassword)
                                          throws oracle.as.jmx.framework.exceptions.ManagementException
Generates a PKCS#10 certificate request and exports it from a keystore
Parameters:
stripeName - application stripe
keystoreName - name of the keystore
keystorePassword - password of the key store
alias - alias of the key pair entry which should be used for certificate request generation
keyPassword - password of the key pair
Returns:
a string representing the Base64 encoded certificate request
Throws:
oracle.as.jmx.framework.exceptions.ManagementException

exportCertificates

@Description(resourceKey="oracle.security.jps.management.JpsKeyStoreMXBean.exportCertificates",
             resourceBundleBasename="oracle_security_jps_mas_mgmt_util_JpsManagementMessages")
@Impact(value=0)
java.lang.String exportCertificates(java.lang.String stripeName,
                                                       java.lang.String keystoreName,
                                                       char[] keystorePassword,
                                                       java.lang.String alias,
                                                       char[] keyPassword,
                                                       java.lang.String keystoreEntryType)
                                    throws oracle.as.jmx.framework.exceptions.ManagementException
Exports the certificate, certificate chain or trusted certificate in base64 format
Parameters:
stripeName - application stripe
keystoreName - name of the keystore
keystorePassword - keystore password
alias - alias of the certificate entry to be exported
keyPassword - this parameter is not used
keystoreEntryType - type of entry to be exported. valid values are "Certificate", "TrustedCertificate" or "PKCS7"
Returns:
Throws:
oracle.as.jmx.framework.exceptions.ManagementException

importCertificates

@Description(resourceKey="oracle.security.jps.management.JpsKeyStoreMXBean.importCertificates",
             resourceBundleBasename="oracle_security_jps_mas_mgmt_util_JpsManagementMessages")
@Impact(value=1)
void importCertificates(java.lang.String stripeName,
                                           java.lang.String keystoreName,
                                           char[] keystorePassword,
                                           java.lang.String alias,
                                           char[] keyPassword,
                                           java.lang.String keystoreEntryType,
                                           java.lang.String keystoreEntry)
                        throws oracle.as.jmx.framework.exceptions.ManagementException
Imports a certificate, certificate chain or trusted certificate into a keystore
Parameters:
stripeName - application stripe
keystoreName - name of the keystore
keystorePassword - keystore password
alias - alias where the entry should be imported
keyPassword - password of the key pair if the entry being exported is a certificate or certificate chain
keystoreEntryType - type of entry - valid values are "Certificate", "TrustedCertificate" or "PKCS7".
keystoreEntry - Base64 encoded entry to be imported
Throws:
oracle.as.jmx.framework.exceptions.ManagementException

deleteKeyStoreEntry

@Description(resourceKey="oracle.security.jps.management.JpsKeyStoreMXBean.deleteKeyStoreEntry",
             resourceBundleBasename="oracle_security_jps_mas_mgmt_util_JpsManagementMessages")
@Impact(value=1)
void deleteKeyStoreEntry(java.lang.String stripeName,
                                            java.lang.String keystoreName,
                                            char[] keystorePassword,
                                            java.lang.String alias,
                                            char[] keyPassword)
                         throws oracle.as.jmx.framework.exceptions.ManagementException
Deletes a given entry from the key store
Parameters:
stripeName - application stripe
keystoreName - name of the keystore
keystorePassword - keystore password; ignored for keystores that are only permission protected
alias - alias of the entry to be deleted
keyPassword - password of the secret key or key pair to be deleted.
Throws:
oracle.as.jmx.framework.exceptions.ManagementException

listExpiringCertificates

@Description(resourceKey="oracle.security.jps.management.JpsKeyStoreMXBean.listExpiringCertificates",
             resourceBundleBasename="oracle_security_jps_mas_mgmt_util_JpsManagementMessages")
@Impact(value=1)
java.util.ArrayList<java.util.ArrayList<java.lang.String>> listExpiringCertificates(int numberOfDaysFromExpiration,
                                                                                                       boolean autoRenew)
                                                                                    throws oracle.as.jmx.framework.exceptions.ManagementException
Lists the certificates that are going to expire in the next "n" days.
Parameters:
numberOfDaysFromExpiration - Number of days within which certificates are going to expire
autoRenew - true if expiring certificates should be auto-renewed. false, if they should only be listed.
Returns:
a list of certificates (with stripe name, keystore name, alias and expiration date) that will expire within the next "n" days
Throws:
oracle.as.jmx.framework.exceptions.ManagementException

getKeyStoreProperties

@Description(resourceKey="oracle.security.jps.management.JpsKeyStoreMXBean.getKeyStoreProperties",
             resourceBundleBasename="oracle_security_jps_mas_mgmt_util_JpsManagementMessages")
@Impact(value=0)
PortableMap getKeyStoreProperties(java.lang.String stripeName,
                                                     java.lang.String keystoreName)
                                  throws oracle.as.jmx.framework.exceptions.ManagementException
helper method for EM to list a given keystore properties without specifying its password
Parameters:
stripeName - application stripe
keystoreName - keystore name
Returns:
properties of the keystore like if it is permission protected, its last modification time, whether it is hsm protected
Throws:
oracle.as.jmx.framework.exceptions.ManagementException

getSupportedKeySize

@Description(resourceKey="oracle.security.jps.management.JpsKeyStoreMXBean.getSupportedKeySize",
             resourceBundleBasename="oracle_security_jps_mas_mgmt_util_JpsManagementMessages")
@Impact(value=0)
int[] getSupportedKeySize(java.lang.String algorithm)
                          throws oracle.as.jmx.framework.exceptions.ManagementException
Helper method for EM to list the supported key sizes for a given key algorithm
Parameters:
algorithm - key algorithm
Returns:
supported key sizes
Throws:
oracle.as.jmx.framework.exceptions.ManagementException

isPasswordValid

@Description(resourceKey="oracle.security.jps.management.JpsKeyStoreMXBean.isPasswordValid",
             resourceBundleBasename="oracle_security_jps_mas_mgmt_util_JpsManagementMessages")
@Impact(value=0)
boolean isPasswordValid(char[] password)
Helper method for EM to check if a given password is valid
Parameters:
password - password to be checked - null or empty strings are not allowed
Returns:

Skip navigation links

Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
Oracle Fusion Middleware MBeans Java API Reference for Oracle Platform Security Services
11g Release 1 (11.1.1)
E14651-06
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

Copyright © 2013 Oracle. All rights reserved.