Package com.adobe.granite.security.user
Interface SSLConfigurationService
public interface SSLConfigurationService
The
SSLConfigurationService allows verifying whether a valid SSL configuration is present.-
Field Summary
Fields -
Method Summary
Modifier and TypeMethodDescriptionbooleanisSSLConfigured(ResourceResolver resolver) Verifies whether an HTTPs listener is configured and available.
-
Field Details
-
SSL_SERVICE_USER_ID
The id of the service user holding the key store.- See Also:
-
KEYSTORE_ALIAS
The name of the alias under which key and certificate are stored in the key store.- See Also:
-
-
Method Details
-
isSSLConfigured
Verifies whether an HTTPs listener is configured and available. The method must be called with the resource resolver of the admin user itself. Membership of the administrators group is insufficient.
The configuration is considered valid in the following circumstances:- An OSGi configuration for the Granite SSL Connector Factory is present
- The "Keystore User" (
SSL_SERVICE_USER_IDnormally) from the Granite SSL Connector Factory configuration exists and its key store contains a valid private key and certificate (chain) under the correct alias (KEYSTORE_ALIASnormally) - The
SSLConfigurationServiceis able to perform an HTTPS request upon its own instance and the return code is <400 or 401. Note: invalid (i.e. self-signed) SSL certificates are silently accepted. Note: The hostname to connect to is derived from the Sling Topology local endpoint property.
- Parameters:
resolver- The admin-user resource resolver to access configuration and key store.- Returns:
trueif the SSL configuration is present and valid.- Throws:
SecurityException- If the resolver is not the one of the admin user.
-