U
- the type of address before resolution (unresolved address)R
- the type of address after resolution (resolved address)public interface GrpcClientSecurityConfigurator<U,R> extends ClientSecurityConfigurator
ClientSecurityConfigurator
for SingleAddressGrpcClientBuilder
.SecurityConfigurator.SslProvider
Modifier and Type | Method and Description |
---|---|
GrpcClientSecurityConfigurator<U,R> |
ciphers(java.lang.Iterable<java.lang.String> ciphers)
The cipher suites to enable, in the order of preference.
|
GrpcClientBuilder<U,R> |
commit()
Commit configuring client security.
|
GrpcClientSecurityConfigurator<U,R> |
disableHostnameVerification()
Disable verification of the server identity.
|
GrpcClientSecurityConfigurator<U,R> |
hostnameVerification(java.lang.String hostNameVerificationHost)
Set the host name used to verify the server
identity.
|
GrpcClientSecurityConfigurator<U,R> |
hostnameVerification(java.lang.String hostNameVerificationHost,
int hostNameVerificationPort)
Set the host name and port used to verify the server
identity.
|
GrpcClientSecurityConfigurator<U,R> |
hostnameVerification(java.lang.String hostNameVerificationAlgorithm,
java.lang.String hostNameVerificationHost)
Determines what algorithm to use for hostname verification.
|
GrpcClientSecurityConfigurator<U,R> |
hostnameVerification(java.lang.String hostNameVerificationAlgorithm,
java.lang.String hostNameVerificationHost,
int hostNameVerificationPort)
Determines what algorithm to use for hostname verification.
|
GrpcClientSecurityConfigurator<U,R> |
hostnameVerificationAlgorithm(java.lang.String hostNameVerificationAlgorithm)
Determines what algorithm to use for hostname verification.
|
GrpcClientSecurityConfigurator<U,R> |
keyManager(javax.net.ssl.KeyManagerFactory keyManagerFactory)
Identifying certificate for this host.
|
GrpcClientSecurityConfigurator<U,R> |
keyManager(java.util.function.Supplier<java.io.InputStream> keyCertChainSupplier,
java.util.function.Supplier<java.io.InputStream> keySupplier)
Identifying certificate for this host.
|
GrpcClientSecurityConfigurator<U,R> |
keyManager(java.util.function.Supplier<java.io.InputStream> keyCertChainSupplier,
java.util.function.Supplier<java.io.InputStream> keySupplier,
java.lang.String keyPassword)
Identifying certificate for this host.
|
GrpcClientSecurityConfigurator<U,R> |
protocols(java.lang.String... protocols)
The SSL protocols to enable, in the order of preference.
|
GrpcClientSecurityConfigurator<U,R> |
provider(SecurityConfigurator.SslProvider provider)
Sets the
SecurityConfigurator.SslProvider to use. |
GrpcClientSecurityConfigurator<U,R> |
sessionCacheSize(long sessionCacheSize)
Set the size of the cache used for storing SSL session objects.
|
GrpcClientSecurityConfigurator<U,R> |
sessionTimeout(long sessionTimeout)
Set the timeout for the cached SSL session objects, in seconds.
|
GrpcClientSecurityConfigurator<U,R> |
sniHostname(java.lang.String sniHostname)
Set the SNI host name.
|
GrpcClientSecurityConfigurator<U,R> |
trustManager(java.util.function.Supplier<java.io.InputStream> trustCertChainSupplier)
Trusted certificates for verifying the remote endpoint's certificate.
|
GrpcClientSecurityConfigurator<U,R> |
trustManager(javax.net.ssl.TrustManagerFactory trustManagerFactory)
Trust manager for verifying the remote endpoint's certificate.
|
GrpcClientBuilder<U,R> commit()
GrpcClientBuilder
that initiated the security configuration process.GrpcClientSecurityConfigurator<U,R> trustManager(java.util.function.Supplier<java.io.InputStream> trustCertChainSupplier)
SecurityConfigurator
X.509
certificate chain in PEM
format.trustManager
in interface ClientSecurityConfigurator
trustManager
in interface SecurityConfigurator
trustCertChainSupplier
- a supplier for the certificate chain input stream.
The responsibility to call InputStream.close()
is transferred to callers of the returned
Supplier
. If this is not the desired behavior then wrap the InputStream
and override
InputStream.close()
.
this
.GrpcClientSecurityConfigurator<U,R> trustManager(javax.net.ssl.TrustManagerFactory trustManagerFactory)
SecurityConfigurator
TrustManagerFactory
which take preference over any configured Supplier
.trustManager
in interface ClientSecurityConfigurator
trustManager
in interface SecurityConfigurator
trustManagerFactory
- the TrustManagerFactory
to use.this
.GrpcClientSecurityConfigurator<U,R> protocols(java.lang.String... protocols)
SecurityConfigurator
protocols
in interface ClientSecurityConfigurator
protocols
in interface SecurityConfigurator
protocols
- the protocols to use.this
.SSLEngine.setEnabledProtocols(String[])
GrpcClientSecurityConfigurator<U,R> ciphers(java.lang.Iterable<java.lang.String> ciphers)
SecurityConfigurator
ciphers
in interface ClientSecurityConfigurator
ciphers
in interface SecurityConfigurator
ciphers
- the ciphers to use.this
.GrpcClientSecurityConfigurator<U,R> sessionCacheSize(long sessionCacheSize)
SecurityConfigurator
sessionCacheSize
in interface ClientSecurityConfigurator
sessionCacheSize
in interface SecurityConfigurator
sessionCacheSize
- the cache size.this
.GrpcClientSecurityConfigurator<U,R> sessionTimeout(long sessionTimeout)
SecurityConfigurator
sessionTimeout
in interface ClientSecurityConfigurator
sessionTimeout
in interface SecurityConfigurator
sessionTimeout
- the session timeout.this
.GrpcClientSecurityConfigurator<U,R> provider(SecurityConfigurator.SslProvider provider)
SecurityConfigurator
SecurityConfigurator.SslProvider
to use.provider
in interface ClientSecurityConfigurator
provider
in interface SecurityConfigurator
provider
- the provider.this
.GrpcClientSecurityConfigurator<U,R> hostnameVerificationAlgorithm(java.lang.String hostNameVerificationAlgorithm)
ClientSecurityConfigurator
hostnameVerificationAlgorithm
in interface ClientSecurityConfigurator
hostNameVerificationAlgorithm
- The algorithm to use when verifying the host name.
See
Supported algorithm names.this
.SSLParameters.setEndpointIdentificationAlgorithm(String)
GrpcClientSecurityConfigurator<U,R> hostnameVerification(java.lang.String hostNameVerificationAlgorithm, java.lang.String hostNameVerificationHost)
ClientSecurityConfigurator
hostnameVerification
in interface ClientSecurityConfigurator
hostNameVerificationAlgorithm
- The algorithm to use when verifying the host name.
See
Supported algorithm names.hostNameVerificationHost
- the host name used to verify the
server identity.this
.SSLParameters.setEndpointIdentificationAlgorithm(String)
GrpcClientSecurityConfigurator<U,R> hostnameVerification(java.lang.String hostNameVerificationAlgorithm, java.lang.String hostNameVerificationHost, int hostNameVerificationPort)
ClientSecurityConfigurator
hostnameVerification
in interface ClientSecurityConfigurator
hostNameVerificationAlgorithm
- The algorithm to use when verifying the host name.
See
Supported algorithm names.hostNameVerificationHost
- the host name used to verify the
server identity.hostNameVerificationPort
- The port which maybe used to verify the
server identity.this
.SSLParameters.setEndpointIdentificationAlgorithm(String)
GrpcClientSecurityConfigurator<U,R> hostnameVerification(java.lang.String hostNameVerificationHost)
ClientSecurityConfigurator
hostnameVerification
in interface ClientSecurityConfigurator
hostNameVerificationHost
- the host name used to verify the
server identity.this
.GrpcClientSecurityConfigurator<U,R> hostnameVerification(java.lang.String hostNameVerificationHost, int hostNameVerificationPort)
ClientSecurityConfigurator
hostnameVerification
in interface ClientSecurityConfigurator
hostNameVerificationHost
- the host name used to verify the
server identity.hostNameVerificationPort
- The port which maybe used to verify the
server identity.this
.SSLParameters.setEndpointIdentificationAlgorithm(String)
GrpcClientSecurityConfigurator<U,R> sniHostname(java.lang.String sniHostname)
ClientSecurityConfigurator
sniHostname
in interface ClientSecurityConfigurator
sniHostname
- The SNI host name.this
.GrpcClientSecurityConfigurator<U,R> disableHostnameVerification()
ClientSecurityConfigurator
disableHostnameVerification
in interface ClientSecurityConfigurator
this
.GrpcClientSecurityConfigurator<U,R> keyManager(javax.net.ssl.KeyManagerFactory keyManagerFactory)
ClientSecurityConfigurator
keyManagerFactory
may be null
, which disables mutual
authentication. The KeyManagerFactory
which take preference over any configured Supplier
.keyManager
in interface ClientSecurityConfigurator
keyManagerFactory
- an KeyManagerFactory
.this
.GrpcClientSecurityConfigurator<U,R> keyManager(java.util.function.Supplier<java.io.InputStream> keyCertChainSupplier, java.util.function.Supplier<java.io.InputStream> keySupplier)
ClientSecurityConfigurator
keyCertChainInputStream
and keyInputStream
may
be null
, which disables mutual authentication.keyManager
in interface ClientSecurityConfigurator
keyCertChainSupplier
- a Supplier
that will provide an input stream for a X.509
certificate
chain in PEM
format.
The responsibility to call InputStream.close()
is transferred to callers of the Supplier
.
If this is not the desired behavior then wrap the InputStream
and override InputStream.close()
.
keySupplier
- an Supplier
that will provide an input stream for a KCS#8 private key in PEM format.
The responsibility to call InputStream.close()
is transferred to callers of the Supplier
.
If this is not the desired behavior then wrap the InputStream
and override InputStream.close()
.
this
.GrpcClientSecurityConfigurator<U,R> keyManager(java.util.function.Supplier<java.io.InputStream> keyCertChainSupplier, java.util.function.Supplier<java.io.InputStream> keySupplier, java.lang.String keyPassword)
ClientSecurityConfigurator
keyCertChainInputStream
and keyInputStream
may
be null
, which disables mutual authentication.keyManager
in interface ClientSecurityConfigurator
keyCertChainSupplier
- an Supplier
that will provide an input stream for a X.509
certificate
chain in PEM
format.
The responsibility to call InputStream.close()
is transferred to callers of the Supplier
.
If this is not the desired behavior then wrap the InputStream
and override InputStream.close()
.
keySupplier
- an Supplier
that will provide an input stream for a KCS#8 private key in PEM format.
The responsibility to call InputStream.close()
is transferred to callers of the Supplier
.
If this is not the desired behavior then wrap the InputStream
and override InputStream.close()
.
keyPassword
- the password of the keyInputStream
.this
.