{"id":16883073,"url":"https://github.com/tsaarni/reloading-keystore","last_synced_at":"2025-03-20T05:16:59.195Z","repository":{"id":40439558,"uuid":"502701132","full_name":"tsaarni/reloading-keystore","owner":"tsaarni","description":"KeyStore for Java with certificate hot-reload and PEM file support","archived":false,"fork":false,"pushed_at":"2024-04-15T07:19:01.000Z","size":491,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2024-04-24T06:31:04.636Z","etag":null,"topics":["certificates","java","keystore","tls","x509"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/tsaarni.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-06-12T18:49:48.000Z","updated_at":"2024-07-04T18:08:20.411Z","dependencies_parsed_at":"2023-10-26T09:33:49.080Z","dependency_job_id":"52cc00f1-6f00-4a94-88ef-532a3334f459","html_url":"https://github.com/tsaarni/reloading-keystore","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tsaarni%2Freloading-keystore","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tsaarni%2Freloading-keystore/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tsaarni%2Freloading-keystore/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tsaarni%2Freloading-keystore/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/tsaarni","download_url":"https://codeload.github.com/tsaarni/reloading-keystore/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":244554126,"owners_count":20471173,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["certificates","java","keystore","tls","x509"],"created_at":"2024-10-13T16:10:15.592Z","updated_at":"2025-03-20T05:16:59.176Z","avatar_url":"https://github.com/tsaarni.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Reloading KeyStore for Java\n\n![](https://github.com/tsaarni/reloading-keystore/workflows/unit-tests/badge.svg)\n[![Maven Central](https://img.shields.io/maven-central/v/fi.protonode/reloading-keystore)](https://search.maven.org/search?q=g:fi.protonode%20AND%20a:reloading-keystore)\n\n## Description\n\nThis project is a library that implements custom `KeyStore` with following features:\n\n* Automatically reload credentials from disk when the underlying files change.\n* Load certificates and private keys directly from `.pem` files, in addition to `.p12` and `.jks` keystore files.\n* Allow user to set fallback certificate which will be used by server when a client does not send TLS SNI extension (Server Name Indication) or sends unknown servername.\n\nThese features can be implemented in relatively few lines of code, without external dependencies and without background threads.\n\nUse this project either as a tutorial on how to implement custom `KeyStoreSpi` or import the library directly into your application.\n\n## Documentation\n\nThe code is compatible with JDK 8 and above.\n\nSee the [implementation description](docs/implementation-description.md)\nfor details and related background discussion about JSSE (Java Secure Socket Extension).\n\nRead the latest API documentation [here](https://tsaarni.github.io/reloading-keystore).\n\n## Example\n\nFollowing example shows how to create a TLS server that reads its server credentials from PEM files.\nIt constructs an instance of custom `KeyStore` which will have the special capabilities mentioned previously.\nIt is then passed to `KeyManager` just like the standard `KeyStores`.\n\n```java\n// Create KeyManagerFactory with ReloadingKeyStore, implemented by custom KeyStoreSpi.\n// Credentials in the KeyStore are loaded from server.pem and server-key.pem.\n// ReloadingKeyStore keeps track of the files for being able to reload them later.\nKeyManagerFactory kmf = KeyManagerFactory.getInstance(\"NewSunX509\");\nkmf.init(new KeyStoreBuilderParameters(ReloadingKeyStore.Builder.fromPem(\n    Paths.get(\"server.pem\"), Paths.get(\"server-key.pem\"))));\n\n// Otherwise continue as with any KeyStore implementation:\n\n// Initialize SSLContext with our KeyManager.\nSSLContext ctx = SSLContext.getInstance(\"TLS\");\nctx.init(kmf.getKeyManagers(), null, null);\n\n// Create server socket and start accepting connections.\n// Server will query our KeyManager for server credentials every time it\n// gets a new connection from clients.\n// Credentials will be reloaded automatically when they are updated on disk.\nSSLServerSocketFactory ssf = ctx.getServerSocketFactory();\nSSLServerSocket socket = (SSLServerSocket) ssf.createServerSocket(\n    8443, 1, InetAddress.getByName(\"localhost\"));\n\ntry (SSLSocket client = (SSLSocket) socket.accept()) {\n    // ...\n}\n```\n\nFor more code examples, see the test suite [here](lib/src/test/java/fi/protonode/reloadingkeystore/).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftsaarni%2Freloading-keystore","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftsaarni%2Freloading-keystore","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftsaarni%2Freloading-keystore/lists"}