Complete refactoring. Only accept a single Trusted CA certificate tha…

…t can be set using TRUSTED_CA_CERTIFICATE system property.

README.md

@@ -5,7 +5,7 @@
 
 Provides spring boot application with a [java SSL truststore](https://docs.oracle.com/javase/8/docs/technotes/guides/security/jsse/JSSERefGuide.html#CustomizingStores) made up of :
  * default truststore CA certificates
- * additional CA certificates extracted from a custom <i>TRUSTSTORE</i> System property
+ * additional CA certificate extracted from a custom <i>TRUSTED_CA_CERTIFICATE_VALUE</i> System property
 
 The [java SSL truststore](https://docs.oracle.com/javase/8/docs/technotes/guides/security/jsse/JSSERefGuide.html#CustomizingStores) will be accessible through <i>javax.net.ssl.trustStore</i> and <i>javax.net.ssl.trustStorePassword</i> system properties.
 
@@ -33,17 +33,38 @@ Example for maven
         <dependency>
                 <groupId>com.orange.clara.cloud.boot.ssl-truststore-gen</groupId>
                 <artifactId>spring-boot-ssl-truststore-gen</artifactId>
-                <version>1.0.14</version>
+                <version>2.0.21</version>
         </dependency>
 ```
 
-and set a <i>TRUSTSTORE</i> System property with a [json](https://en.wikipedia.org/wiki/JSON) chain containing CA Certificates to add to default java trustore
+and set a <i>TRUSTED_CA_CERTIFICATE</i> System property with a String chain containing trusted CA Certificate to add to default java truststore
 
 ```
-$ export TRUSTSTORE=<JSON_TRUSTSTORE_VALUE>
+$ export TRUSTED_CA_CERTIFICATE=<TRUSTED_CA_CERTIFICATE_VALUE>
 ```
 
-Here is a sample of <JSON_TRUSTSTORE_VALUE> content :
-
-{"certificates":["-----BEGIN CERTIFICATE-----\r\nMIIDhzCCAm+gAwIBAgIEYmqHlTANBgkqhkiG9w0BAQsFADB0MRAwDgYDVQQGEwdVbmtub3duMRAwDgYDVQQIEwdVbmtub3duMRAwDgYDVQQHEwdVbmtub3duMRYwFAYDVQQKEw13b3JsZCBjb21wYW55MRAwDgYDVQQLEwdVbmtub3duMRIwEAYDVQQDEwlqb2huIHBhdWwwHhcNMTUxMDI5MTQzNjEwWhcNMTYwMTI3MTQzNjEwWjB0MRAwDgYDVQQGEwdVbmtub3duMRAwDgYDVQQIEwdVbmtub3duMRAwDgYDVQQHEwdVbmtub3duMRYwFAYDVQQKEw13b3JsZCBjb21wYW55MRAwDgYDVQQLEwdVbmtub3duMRIwEAYDVQQDEwlqb2huIHBhdWwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+UGMvPPnJowZcE5KI+FSyg8kCJtXLAK59e9JqMnbzzJUX3RQfT2BH08xN0z+cGdqOQNV7gvf2TCEJYOwFqB60JEhIgNPXGY/xOcFHY7qm+5MMXSvkxPw4yCEFj1vxfGY8kBKXWknhmE2eXG2S+bVSmwo9IBOHXgFzhOqmQly1uLP1x06NtpJV9lTWHBECWa7fIBmMUkXCrxdqVJb/OFjkjrmBhFjYhjTi+syqxO/blQiDDfGlOGTvf37ivcUtXQIvH2qce2vQuP+iZA/f5levMdySa6+Vdfdi114V83HjAsJGWStz0K2W5QRw/3ilw2D0hyCRKavOQBtG5m+o3v29AgMBAAGjITAfMB0GA1UdDgQWBBTe/Jg26TgrkhLLWBMH vinQzM4r0DANBgkqhkiG9w0BAQsFAAOCAQEAC7I3O4qNGF8KfWvJYXAcTW3cRTTzctEqaZvkR7biNoyhT6FykuCEgmrKId6HSaOCQEHp8h9/IHh/pwWFFNrIBCsPbyZBggTKC2Hj/dna/T7Ejoqsg3pXytDIlnDSPi3vsUcyLMpC1qZKRk5mYto6fxsb48IcFTyytQygcdvcYgGe5yQasYL4s55k9whwNbrzYHaWU3uNc3UVjyxkKAufrOQdWktg hIGlTE8Wm4gNNZx116hbCyFmK7UKOufRyW0pF1UcicfkaPs4Dd1ApU79uifvvN9PmjPkk88buTsMqzvkfey8HBaoZb9AiVYPn2if8HINvCOKaaLe7ixzgBGNkg==\r\n-----END CERTIFICATE-----"]}
+Here is a sample of <TRUSTED_CA_CERTIFICATE_VALUE> content :
 
+```
+-----BEGIN CERTIFICATE-----
+MIIDhzCCAm+gAwIBAgIEYmqHlTANBgkqhkiG9w0BAQsFADB0MRAwDgYDVQQGEwdV
+bmtub3duMRAwDgYDVQQIEwdVbmtub3duMRAwDgYDVQQHEwdVbmtub3duMRYwFAYD
+VQQKEw13b3JsZCBjb21wYW55MRAwDgYDVQQLEwdVbmtub3duMRIwEAYDVQQDEwlq
+b2huIHBhdWwwHhcNMTUxMDI5MTQzNjEwWhcNMTYwMTI3MTQzNjEwWjB0MRAwDgYD
+VQQGEwdVbmtub3duMRAwDgYDVQQIEwdVbmtub3duMRAwDgYDVQQHEwdVbmtub3du
+MRYwFAYDVQQKEw13b3JsZCBjb21wYW55MRAwDgYDVQQLEwdVbmtub3duMRIwEAYD
+VQQDEwlqb2huIHBhdWwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+
+UGMvPPnJowZcE5KI+FSyg8kCJtXLAK59e9JqMnbzzJUX3RQfT2BH08xN0z+cGdqO
+QNV7gvf2TCEJYOwFqB60JEhIgNPXGY/xOcFHY7qm+5MMXSvkxPw4yCEFj1vxfGY8
+kBKXWknhmE2eXG2S+bVSmwo9IBOHXgFzhOqmQly1uLP1x06NtpJV9lTWHBECWa7f
+IBmMUkXCrxdqVJb/OFjkjrmBhFjYhjTi+syqxO/blQiDDfGlOGTvf37ivcUtXQIv
+H2qce2vQuP+iZA/f5levMdySa6+Vdfdi114V83HjAsJGWStz0K2W5QRw/3ilw2D0
+hyCRKavOQBtG5m+o3v29AgMBAAGjITAfMB0GA1UdDgQWBBTe/Jg26TgrkhLLWBMH
+vinQzM4r0DANBgkqhkiG9w0BAQsFAAOCAQEAC7I3O4qNGF8KfWvJYXAcTW3cRTTz
+ctEqaZvkR7biNoyhT6FykuCEgmrKId6HSaOCQEHp8h9/IHh/pwWFFNrIBCsPbyZB
+ggTKC2Hj/dna/T7Ejoqsg3pXytDIlnDSPi3vsUcyLMpC1qZKRk5mYto6fxsb48Ic
+FTyytQygcdvcYgGe5yQasYL4s55k9whwNbrzYHaWU3uNc3UVjyxkKAufrOQdWktg
+hIGlTE8Wm4gNNZx116hbCyFmK7UKOufRyW0pF1UcicfkaPs4Dd1ApU79uifvvN9P
+mjPkk88buTsMqzvkfey8HBaoZb9AiVYPn2if8HINvCOKaaLe7ixzgBGNkg==
+-----END CERTIFICATE-----
+```

pom.xml

@@ -5,7 +5,7 @@
 
 	<groupId>com.orange.clara.cloud.boot.ssl-truststore-gen</groupId>
 	<artifactId>spring-boot-ssl-truststore-gen</artifactId>
-	<version>1.1-SNAPSHOT</version>
+	<version>2.0-SNAPSHOT</version>
 	<packaging>jar</packaging>
 
 	<name>Spring Boot SSL trust store generator</name>
@@ -14,6 +14,8 @@
 	<properties>
 		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
 		<java.version>1.8</java.version>
+		<maven.compiler.source>${java.version}</maven.compiler.source>
+		<maven.compiler.target>${java.version}</maven.compiler.target>
 		<spring.boot.version>1.3.0.RELEASE</spring.boot.version>
 	</properties>
 
@@ -33,12 +35,6 @@
 			<version>${spring.boot.version}</version>
 		</dependency>
 
-		<dependency>
-			<groupId>com.orange.clara.cloud.truststore</groupId>
-			<artifactId>truststore-generator</artifactId>
-			<version>0.1.8</version>
-		</dependency>
-
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-web</artifactId>
@@ -61,7 +57,27 @@
 				<artifactId>maven-surefire-plugin</artifactId>
 				<configuration>
 					<environmentVariables>
-						<TRUSTSTORE>{"certificates":["-----BEGIN CERTIFICATE-----\r\nMIIDhzCCAm+gAwIBAgIEYmqHlTANBgkqhkiG9w0BAQsFADB0MRAwDgYDVQQGEwdVbmtub3duMRAwDgYDVQQIEwdVbmtub3duMRAwDgYDVQQHEwdVbmtub3duMRYwFAYDVQQKEw13b3JsZCBjb21wYW55MRAwDgYDVQQLEwdVbmtub3duMRIwEAYDVQQDEwlqb2huIHBhdWwwHhcNMTUxMDI5MTQzNjEwWhcNMTYwMTI3MTQzNjEwWjB0MRAwDgYDVQQGEwdVbmtub3duMRAwDgYDVQQIEwdVbmtub3duMRAwDgYDVQQHEwdVbmtub3duMRYwFAYDVQQKEw13b3JsZCBjb21wYW55MRAwDgYDVQQLEwdVbmtub3duMRIwEAYDVQQDEwlqb2huIHBhdWwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+UGMvPPnJowZcE5KI+FSyg8kCJtXLAK59e9JqMnbzzJUX3RQfT2BH08xN0z+cGdqOQNV7gvf2TCEJYOwFqB60JEhIgNPXGY/xOcFHY7qm+5MMXSvkxPw4yCEFj1vxfGY8kBKXWknhmE2eXG2S+bVSmwo9IBOHXgFzhOqmQly1uLP1x06NtpJV9lTWHBECWa7fIBmMUkXCrxdqVJb/OFjkjrmBhFjYhjTi+syqxO/blQiDDfGlOGTvf37ivcUtXQIvH2qce2vQuP+iZA/f5levMdySa6+Vdfdi114V83HjAsJGWStz0K2W5QRw/3ilw2D0hyCRKavOQBtG5m+o3v29AgMBAAGjITAfMB0GA1UdDgQWBBTe/Jg26TgrkhLLWBMHvinQzM4r0DANBgkqhkiG9w0BAQsFAAOCAQEAC7I3O4qNGF8KfWvJYXAcTW3cRTTzctEqaZvkR7biNoyhT6FykuCEgmrKId6HSaOCQEHp8h9/IHh/pwWFFNrIBCsPbyZBggTKC2Hj/dna/T7Ejoqsg3pXytDIlnDSPi3vsUcyLMpC1qZKRk5mYto6fxsb48IcFTyytQygcdvcYgGe5yQasYL4s55k9whwNbrzYHaWU3uNc3UVjyxkKAufrOQdWktghIGlTE8Wm4gNNZx116hbCyFmK7UKOufRyW0pF1UcicfkaPs4Dd1ApU79uifvvN9PmjPkk88buTsMqzvkfey8HBaoZb9AiVYPn2if8HINvCOKaaLe7ixzgBGNkg==\r\n-----END CERTIFICATE-----"]}</TRUSTSTORE>
+						<TRUSTED_CA_CERTIFICATE>-----BEGIN CERTIFICATE-----
+							MIIDhzCCAm+gAwIBAgIEYmqHlTANBgkqhkiG9w0BAQsFADB0MRAwDgYDVQQGEwdV
+							bmtub3duMRAwDgYDVQQIEwdVbmtub3duMRAwDgYDVQQHEwdVbmtub3duMRYwFAYD
+							VQQKEw13b3JsZCBjb21wYW55MRAwDgYDVQQLEwdVbmtub3duMRIwEAYDVQQDEwlq
+							b2huIHBhdWwwHhcNMTUxMDI5MTQzNjEwWhcNMTYwMTI3MTQzNjEwWjB0MRAwDgYD
+							VQQGEwdVbmtub3duMRAwDgYDVQQIEwdVbmtub3duMRAwDgYDVQQHEwdVbmtub3du
+							MRYwFAYDVQQKEw13b3JsZCBjb21wYW55MRAwDgYDVQQLEwdVbmtub3duMRIwEAYD
+							VQQDEwlqb2huIHBhdWwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+
+							UGMvPPnJowZcE5KI+FSyg8kCJtXLAK59e9JqMnbzzJUX3RQfT2BH08xN0z+cGdqO
+							QNV7gvf2TCEJYOwFqB60JEhIgNPXGY/xOcFHY7qm+5MMXSvkxPw4yCEFj1vxfGY8
+							kBKXWknhmE2eXG2S+bVSmwo9IBOHXgFzhOqmQly1uLP1x06NtpJV9lTWHBECWa7f
+							IBmMUkXCrxdqVJb/OFjkjrmBhFjYhjTi+syqxO/blQiDDfGlOGTvf37ivcUtXQIv
+							H2qce2vQuP+iZA/f5levMdySa6+Vdfdi114V83HjAsJGWStz0K2W5QRw/3ilw2D0
+							hyCRKavOQBtG5m+o3v29AgMBAAGjITAfMB0GA1UdDgQWBBTe/Jg26TgrkhLLWBMH
+							vinQzM4r0DANBgkqhkiG9w0BAQsFAAOCAQEAC7I3O4qNGF8KfWvJYXAcTW3cRTTz
+							ctEqaZvkR7biNoyhT6FykuCEgmrKId6HSaOCQEHp8h9/IHh/pwWFFNrIBCsPbyZB
+							ggTKC2Hj/dna/T7Ejoqsg3pXytDIlnDSPi3vsUcyLMpC1qZKRk5mYto6fxsb48Ic
+							FTyytQygcdvcYgGe5yQasYL4s55k9whwNbrzYHaWU3uNc3UVjyxkKAufrOQdWktg
+							hIGlTE8Wm4gNNZx116hbCyFmK7UKOufRyW0pF1UcicfkaPs4Dd1ApU79uifvvN9P
+							mjPkk88buTsMqzvkfey8HBaoZb9AiVYPn2if8HINvCOKaaLe7ixzgBGNkg==
+							-----END CERTIFICATE-----</TRUSTED_CA_CERTIFICATE>
 					</environmentVariables>
 				</configuration>
 			</plugin>

src/main/java/com/orange/clara/cloud/boot/ssl/CertificateFactory.java

@@ -0,0 +1,48 @@
+/*
+ *
+ *  * Copyright (C) 2015 Orange
+ *  * Licensed under the Apache License, Version 2.0 (the "License");
+ *  * you may not use this file except in compliance with the License.
+ *  * You may obtain a copy of the License at
+ *  * http://www.apache.org/licenses/LICENSE-2.0
+ *  * Unless required by applicable law or agreed to in writing, software
+ *  * distributed under the License is distributed on an "AS IS" BASIS,
+ *  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  * See the License for the specific language governing permissions and
+ *  * limitations under the License.
+ *  *
+ *
+ */
+
+package com.orange.clara.cloud.boot.ssl;
+
+import java.io.BufferedInputStream;
+import java.io.ByteArrayInputStream;
+import java.security.cert.Certificate;
+
+/**
+ * Created by sbortolussi on 22/10/2015.
+ */
+public class CertificateFactory {
+
+    public static final String X_509_CERTIFICATE = "X.509";
+
+    public static Certificate newInstance(String certificate) {
+        if (certificate == null || "".equals(certificate))
+            throw new IllegalArgumentException("Invalid certificate. Certificate should have text.");
+
+        try (ByteArrayInputStream bais = new ByteArrayInputStream(certificate.getBytes()); BufferedInputStream bis = new BufferedInputStream(bais)) {
+            java.security.cert.CertificateFactory cf = java.security.cert.CertificateFactory.getInstance(X_509_CERTIFICATE);
+            Certificate cert = null;
+            while (bis.available() > 0) {
+                cert = cf.generateCertificate(bis);
+            }
+            return cert;
+        } catch (Exception e) {
+            String message = String
+                    .format("Cannot create certificate.", e);
+            throw new IllegalStateException(message, e);
+        }
+    }
+
+}

src/main/java/com/orange/clara/cloud/boot/ssl/DefaultTrustStoreAppender.java

@@ -0,0 +1,92 @@
+/*
+ *
+ *  * Copyright (C) 2015 Orange
+ *  * Licensed under the Apache License, Version 2.0 (the "License");
+ *  * you may not use this file except in compliance with the License.
+ *  * You may obtain a copy of the License at
+ *  * http://www.apache.org/licenses/LICENSE-2.0
+ *  * Unless required by applicable law or agreed to in writing, software
+ *  * distributed under the License is distributed on an "AS IS" BASIS,
+ *  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  * See the License for the specific language governing permissions and
+ *  * limitations under the License.
+ *  *
+ *
+ */
+
+package com.orange.clara.cloud.boot.ssl;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.net.ssl.TrustManagerFactory;
+import javax.net.ssl.X509TrustManager;
+import java.io.File;
+import java.io.FileOutputStream;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.cert.Certificate;
+import java.security.cert.X509Certificate;
+import java.util.UUID;
+
+
+/**
+ * Created by sbortolussi on 28/10/2015.
+ * <p>
+ * Credits to https://github.com/cloudfoundry/cf-java-client/blob/master/cloudfoundry-client-spring/src/main/java/org/cloudfoundry/client/spring/util/CertificateCollectingSslCertificateTruster.java
+ */
+public class DefaultTrustStoreAppender {
+
+    public static final String TRUSTSTORE_FILENAME = "truststore";
+
+    private static Logger LOGGER = LoggerFactory.getLogger(DefaultTrustStoreAppender.class);
+
+    /**
+     * Create new java truststore from default truststore. Add given CA certificate to it.
+     *
+     * @param certificate
+     * @return TrustStoreInfo
+     * @see <a href="https://docs.oracle.com/javase/8/docs/technotes/guides/security/jsse/JSSERefGuide.html">JSSE Reference Guide</a>
+     */
+    public TrustStoreInfo append(Certificate certificate) {
+        try {
+            X509TrustManager trustManager = getDefaultTrustManager();
+
+            try {
+                KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
+                trustStore.load(null);
+
+                if (trustManager != null) {
+                    for (X509Certificate cert : trustManager.getAcceptedIssuers()) {
+                        trustStore.setCertificateEntry(UUID.randomUUID().toString(), cert);
+                        LOGGER.debug("adding existing certificate to truststore {}", cert);
+                    }
+                }
+
+                if (certificate != null) {
+                    trustStore.setCertificateEntry(UUID.randomUUID().toString(), certificate);
+                    LOGGER.debug("adding new certificate to truststore {}", certificate);
+                }
+
+                String password = UUID.randomUUID().toString();
+                File trustStoreOutputFile = File.createTempFile(TRUSTSTORE_FILENAME, null);
+                trustStoreOutputFile.deleteOnExit();
+                trustStore.store(new FileOutputStream(trustStoreOutputFile), password.toCharArray());
+
+                return new TrustStoreInfo(trustStoreOutputFile, password);
+            } catch (Exception e) {
+                throw new IllegalStateException(e);
+            }
+        } catch (Exception e) {
+            throw new IllegalStateException(e);
+        }
+    }
+
+    private X509TrustManager getDefaultTrustManager() throws NoSuchAlgorithmException, KeyStoreException {
+        TrustManagerFactory factory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
+        factory.init((KeyStore) null);
+        return (X509TrustManager) factory.getTrustManagers()[0];
+    }
+
+}

src/main/java/com/orange/clara/cloud/boot/ssl/SslTrustStoreGeneratorListener.java

@@ -16,15 +16,12 @@
 
 package com.orange.clara.cloud.boot.ssl;
 
-import com.orange.clara.cloud.truststore.*;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.boot.context.event.ApplicationStartedEvent;
 import org.springframework.context.ApplicationListener;
 import org.springframework.core.Ordered;
 
-import java.time.LocalDateTime;
-
 /**
  * Provide spring boot application with a java truststore composed from :
  * <ul>
@@ -43,35 +40,31 @@ public class SslTrustStoreGeneratorListener implements
     public static final String SSL_TRUST_STORE_SYSTEM_PROPERTY = "javax.net.ssl.trustStore";
     public static final String SSL_TRUST_STORE_PASSWORD_SYSTEM_PROPERTY = "javax.net.ssl.trustStorePassword";
 
-    public static final String TRUSTSTORE_PROPERTY_NAME = "TRUSTSTORE";
+    public static final String TRUSTED_CA_CERTIFICATE_PROPERTY_NAME = "TRUSTED_CA_CERTIFICATE";
 
     private static Logger LOGGER = LoggerFactory.getLogger(SslTrustStoreGeneratorListener.class);
 
     private int order = HIGHEST_PRECEDENCE;
 
     private PropertyResolver propertyResolver = new PropertyResolver();
 
-    private TrustStoreGenerator keyStoreGenerator = new TrustStoreGenerator();
+    private DefaultTrustStoreAppender trustStoreAppender = new DefaultTrustStoreAppender();
 
     public SslTrustStoreGeneratorListener() {
     }
 
     public void onApplicationEvent(ApplicationStartedEvent event) {
         try {
-            LOGGER.debug("ApplicationEnvironmentPreparedEvent raised at {}", LocalDateTime.now());
-            TrustStorePropertyReader keyStorePropertyReader = new TrustStoreStorePropertyJsonReader();
-            final String truststore = propertyResolver.getSystemProperty(TRUSTSTORE_PROPERTY_NAME);
-            if (!"".equals(truststore)) {
-                final TrustStoreProperty keyStoreProperty = keyStorePropertyReader.read(truststore);
-                LOGGER.info("following additional CA Certificates have been defined in {] system property {}", TRUSTSTORE_PROPERTY_NAME, keyStoreProperty.getCertificates());
-                LOGGER.info("Generating truststore...");
-                final TrustStoreInfo trustStoreInfo = keyStoreGenerator.generateFromDefaultTrustStore(keyStoreProperty);
+            final String certificate = propertyResolver.getSystemProperty(TRUSTED_CA_CERTIFICATE_PROPERTY_NAME);
+            if (!"".equals(certificate)) {
+                LOGGER.info("Following additional CA Certificate has been defined in {} system property : {}", TRUSTED_CA_CERTIFICATE_PROPERTY_NAME, certificate);
+                final TrustStoreInfo trustStoreInfo = trustStoreAppender.append(CertificateFactory.newInstance(certificate));
                 System.setProperty(SSL_TRUST_STORE_SYSTEM_PROPERTY, trustStoreInfo.getTrustStorefFile().getAbsolutePath());
                 LOGGER.info("Setting {} system property to {}", SSL_TRUST_STORE_SYSTEM_PROPERTY, trustStoreInfo.getTrustStorefFile().getAbsolutePath());
                 System.setProperty(SSL_TRUST_STORE_PASSWORD_SYSTEM_PROPERTY, trustStoreInfo.getPassword());
                 LOGGER.info("Setting {} system property to {}", SSL_TRUST_STORE_PASSWORD_SYSTEM_PROPERTY, trustStoreInfo.getPassword());
             } else {
-                LOGGER.warn("No additional CA certificate has been defined using {} system property", TRUSTSTORE_PROPERTY_NAME);
+                LOGGER.warn("No additional CA certificate has been defined using {} system property", TRUSTED_CA_CERTIFICATE_PROPERTY_NAME);
             }
         } catch (Exception e) {
             String message = "Cannot create truststore.";

src/main/java/com/orange/clara/cloud/boot/ssl/TrustStoreInfo.java

@@ -0,0 +1,59 @@
+/*
+ *
+ *  * Copyright (C) 2015 Orange
+ *  * Licensed under the Apache License, Version 2.0 (the "License");
+ *  * you may not use this file except in compliance with the License.
+ *  * You may obtain a copy of the License at
+ *  * http://www.apache.org/licenses/LICENSE-2.0
+ *  * Unless required by applicable law or agreed to in writing, software
+ *  * distributed under the License is distributed on an "AS IS" BASIS,
+ *  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  * See the License for the specific language governing permissions and
+ *  * limitations under the License.
+ *  *
+ *
+ */
+
+package com.orange.clara.cloud.boot.ssl;
+
+import java.io.File;
+
+/**
+ *
+ * Created by sbortolussi on 12/11/2015.
+ */
+public class TrustStoreInfo {
+
+    private File trustStoreFile;
+
+    private String password;
+
+    public TrustStoreInfo(File file, String password) {
+        setPassword(password);
+        setTrustStoreFile(file);
+    }
+
+    private void setTrustStoreFile(File file) {
+        if (file == null)
+            throw new IllegalArgumentException("Unable to create truststore info. trustore file should be set");
+        this.trustStoreFile = file;
+    }
+
+    private void setPassword(String password) {
+        if (password == null || "".equals(password))
+            throw new IllegalArgumentException("Unable to create truststore info. password should be set");
+        this.password = password;
+    }
+
+
+    public File getTrustStorefFile() {
+        return trustStoreFile;
+    }
+
+    public String getPassword() {
+        return password;
+    }
+
+
+
+}