CertificateAmendment (JOSM)

java.lang.Object
- org.openstreetmap.josm.io.CertificateAmendment

```
public final class CertificateAmendment
extends java.lang.Object
```
Class to add missing root certificates to the list of trusted certificates for TLS connections. The added certificates are deemed trustworthy by the main web browsers and operating systems, but not included in some distributions of Java. The certificates are added in-memory at each start, nothing is written to disk.

Since:

9995

Nested Class Summary

Nested Classes
Modifier and Type	Class and Description
`static class`	`CertificateAmendment.CertAmend` A certificate amendment.
`static class`	`CertificateAmendment.EmbeddedCertAmend` An embedded certificate amendment.
`static class`	`CertificateAmendment.NativeCertAmend` A certificate amendment relying on native platform certificate store.

Field Summary

Fields
Modifier and Type	Field and Description
`private static CertificateAmendment.EmbeddedCertAmend[]`	`CERT_AMEND` Certificates embedded in JOSM
`private static CertificateAmendment.NativeCertAmend[]`	`PLATFORM_CERT_AMEND` Certificates looked into platform native keystore and not embedded in JOSM.

Constructor Summary

Constructors
Modifier Constructor and Description

private CertificateAmendment()

Constructors
Modifier	Constructor and Description
`private`	`CertificateAmendment()`

Method Summary

All Methods Static Methods Concrete Methods
Modifier and Type	Method and Description
`static void`	`addMissingCertificates()` Add missing root certificates to the list of trusted certificates for TLS connections.
`private static boolean`	`certificateIsMissing(java.security.KeyStore keyStore, java.security.cert.X509Certificate crt)` Check if the certificate is missing and needs to be added to the keystore.
`private static boolean`	`checkAndAddCertificate(java.security.MessageDigest md, java.security.cert.X509Certificate cert, CertificateAmendment.CertAmend certAmend, java.security.KeyStore keyStore)`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail
- CERT_AMEND
```
private static final CertificateAmendment.EmbeddedCertAmend[] CERT_AMEND
```
  Certificates embedded in JOSM
- PLATFORM_CERT_AMEND
```
private static final CertificateAmendment.NativeCertAmend[] PLATFORM_CERT_AMEND
```
  Certificates looked into platform native keystore and not embedded in JOSM. Identifiers must match Windows/macOS keystore aliases and Unix filenames for efficient search. To find correct values, see https://ccadb-public.secure.force.com/mozilla/IncludedCACertificateReport and https://support.apple.com/en-us/HT208127

Constructor Detail
- CertificateAmendment
```
private CertificateAmendment()
```

Method Detail

addMissingCertificates
```
public static void addMissingCertificates()
                                   throws java.io.IOException,
                                          java.security.GeneralSecurityException
```
Add missing root certificates to the list of trusted certificates for TLS connections.

Throws:

java.io.IOException - if an I/O error occurs

java.security.GeneralSecurityException - if a security error occurs

checkAndAddCertificate

private static boolean checkAndAddCertificate(java.security.MessageDigest md,
                                              java.security.cert.X509Certificate cert,
                                              CertificateAmendment.CertAmend certAmend,
                                              java.security.KeyStore keyStore)
                                       throws java.security.cert.CertificateEncodingException,
                                              java.security.KeyStoreException,
                                              java.security.InvalidAlgorithmParameterException

Throws:: java.security.cert.CertificateEncodingException; java.security.KeyStoreException; java.security.InvalidAlgorithmParameterException

certificateIsMissing
```
private static boolean certificateIsMissing(java.security.KeyStore keyStore,
                                            java.security.cert.X509Certificate crt)
                                     throws java.security.KeyStoreException,
                                            java.security.InvalidAlgorithmParameterException
```
Check if the certificate is missing and needs to be added to the keystore.

Parameters:

keyStore - the keystore

crt - the certificate

Returns:

true, if the certificate is not contained in the keystore

Throws:

java.security.InvalidAlgorithmParameterException - if the keystore does not contain at least one trusted certificate entry

java.security.KeyStoreException - if the keystore has not been initialized

Class CertificateAmendment

Nested Class Summary

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

CERT_AMEND

PLATFORM_CERT_AMEND

Constructor Detail

CertificateAmendment

Method Detail

addMissingCertificates

checkAndAddCertificate

certificateIsMissing