Package com.helger.peppol.security
Class MozillaNSSTrustStore
java.lang.Object
com.helger.peppol.security.MozillaNSSTrustStore
This class provides the Mozilla NSS root certificate trust store for TLS connection validation.
Unlike
PeppolTrustStores which handles Peppol-specific CA certificates for AS4 payload
signing and encryption, this trust store contains the Mozilla NSS root CAs used for general TLS
server certificate verification (e.g. when connecting to SMP or SML endpoints over HTTPS).
The trust store is derived from the Mozilla NSS certdata.txt file and contains only
certificates trusted for TLS server authentication (CKT_NSS_TRUSTED_DELEGATOR for
CKA_TRUST_SERVER_AUTH).
The trust store can be regenerated using MainConvertNSSCertData.
- Since:
- 12.4.2
- Author:
- Philip Helger
-
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final @NonNull KeyStoreThe full Mozilla NSS root certificate trust store.static final StringThe classpath entry referencing the Mozilla NSS root certificate trust storestatic final com.helger.security.keystore.ITrustStoreDescriptorThe trust store descriptor for the Mozilla NSS root certificate trust storestatic final StringThe password used to access the trust storestatic final com.helger.security.keystore.EKeyStoreTypeTruststore key store type - always PKCS 12 -
Method Summary
-
Field Details
-
TRUSTSTORE_TYPE
public static final com.helger.security.keystore.EKeyStoreType TRUSTSTORE_TYPETruststore key store type - always PKCS 12 -
TRUSTSTORE_PASSWORD
The password used to access the trust store- See Also:
-
TRUSTSTORE_CLASSPATH
The classpath entry referencing the Mozilla NSS root certificate trust store- See Also:
-
TRUSTSTORE_DESCRIPTOR
public static final com.helger.security.keystore.ITrustStoreDescriptor TRUSTSTORE_DESCRIPTORThe trust store descriptor for the Mozilla NSS root certificate trust store -
TRUSTSTORE
The full Mozilla NSS root certificate trust store. Never modify.
-