io.servicetalk.grpc.api

Interface GrpcServerSecurityConfigurator

All Superinterfaces:

SecurityConfigurator, ServerSecurityConfigurator

public interface GrpcServerSecurityConfigurator
extends ServerSecurityConfigurator

A ServerSecurityConfigurator for GrpcServerBuilder.

Nested Class Summary

Nested classes/interfaces inherited from interface io.servicetalk.transport.api.ServerSecurityConfigurator

ServerSecurityConfigurator.ClientAuth

Nested classes/interfaces inherited from interface io.servicetalk.transport.api.SecurityConfigurator

SecurityConfigurator.SslProvider

Method Summary

Modifier and Type	Method and Description
GrpcServerSecurityConfigurator	ciphers(java.lang.Iterable<java.lang.String> ciphers) The cipher suites to enable, in the order of preference.
GrpcServerSecurityConfigurator	clientAuth(ServerSecurityConfigurator.ClientAuth clientAuth) Sets the client authentication mode.
GrpcServerBuilder	commit(javax.net.ssl.KeyManagerFactory keyManagerFactory) Commit configuring server security.
GrpcServerBuilder	commit(java.util.function.Supplier<java.io.InputStream> keyCertChainSupplier, java.util.function.Supplier<java.io.InputStream> keySupplier) Commit configuring server security.
GrpcServerBuilder	commit(java.util.function.Supplier<java.io.InputStream> keyCertChainSupplier, java.util.function.Supplier<java.io.InputStream> keySupplier, java.lang.String keyPassword) Commit configuring server security.
GrpcServerSecurityConfigurator	protocols(java.lang.String... protocols) The SSL protocols to enable, in the order of preference.
GrpcServerSecurityConfigurator	provider(SecurityConfigurator.SslProvider provider) Sets the SecurityConfigurator.SslProvider to use.
GrpcServerSecurityConfigurator	sessionCacheSize(long sessionCacheSize) Set the size of the cache used for storing SSL session objects.
GrpcServerSecurityConfigurator	sessionTimeout(long sessionTimeout) Set the timeout for the cached SSL session objects, in seconds.
GrpcServerSecurityConfigurator	trustManager(java.util.function.Supplier<java.io.InputStream> trustCertChainSupplier) Trusted certificates for verifying the remote endpoint's certificate.
GrpcServerSecurityConfigurator	trustManager(javax.net.ssl.TrustManagerFactory trustManagerFactory) Trust manager for verifying the remote endpoint's certificate.

Method Detail

trustManager

GrpcServerSecurityConfigurator trustManager(java.util.function.Supplier<java.io.InputStream> trustCertChainSupplier)

Description copied from interface: SecurityConfigurator

Trusted certificates for verifying the remote endpoint's certificate. The input stream should contain an X.509 certificate chain in PEM format.

Specified by:

trustManager in interface SecurityConfigurator

Specified by:

trustManager in interface ServerSecurityConfigurator

Parameters:

trustCertChainSupplier - a supplier for the certificate chain input stream.

The responsibility to call InputStream.close() is transferred to callers of the returned Supplier. If this is not the desired behavior then wrap the InputStream and override InputStream.close().

Returns:

this.

trustManager

GrpcServerSecurityConfigurator trustManager(javax.net.ssl.TrustManagerFactory trustManagerFactory)

Description copied from interface: SecurityConfigurator

Trust manager for verifying the remote endpoint's certificate. The TrustManagerFactory which take preference over any configured Supplier.

Specified by:

trustManager in interface SecurityConfigurator

Specified by:

trustManager in interface ServerSecurityConfigurator

Parameters:

trustManagerFactory - the TrustManagerFactory to use.

Returns:

this.

protocols

GrpcServerSecurityConfigurator protocols(java.lang.String... protocols)

Description copied from interface: SecurityConfigurator

The SSL protocols to enable, in the order of preference.

Specified by:

protocols in interface SecurityConfigurator

Specified by:

protocols in interface ServerSecurityConfigurator

Parameters:

protocols - the protocols to use.

Returns:

this.

See Also:

SSLEngine.setEnabledProtocols(String[])

ciphers

GrpcServerSecurityConfigurator ciphers(java.lang.Iterable<java.lang.String> ciphers)

Description copied from interface: SecurityConfigurator

The cipher suites to enable, in the order of preference.

Specified by:

ciphers in interface SecurityConfigurator

Specified by:

ciphers in interface ServerSecurityConfigurator

Parameters:

ciphers - the ciphers to use.

Returns:

this.

sessionCacheSize

GrpcServerSecurityConfigurator sessionCacheSize(long sessionCacheSize)

Description copied from interface: SecurityConfigurator

Set the size of the cache used for storing SSL session objects.

Specified by:

sessionCacheSize in interface SecurityConfigurator

Specified by:

sessionCacheSize in interface ServerSecurityConfigurator

Parameters:

sessionCacheSize - the cache size.

Returns:

this.

sessionTimeout

GrpcServerSecurityConfigurator sessionTimeout(long sessionTimeout)

Description copied from interface: SecurityConfigurator

Set the timeout for the cached SSL session objects, in seconds.

Specified by:

sessionTimeout in interface SecurityConfigurator

Specified by:

sessionTimeout in interface ServerSecurityConfigurator

Parameters:

sessionTimeout - the session timeout.

Returns:

this.

provider

GrpcServerSecurityConfigurator provider(SecurityConfigurator.SslProvider provider)

Description copied from interface: SecurityConfigurator

Sets the SecurityConfigurator.SslProvider to use.

Specified by:

provider in interface SecurityConfigurator

Specified by:

provider in interface ServerSecurityConfigurator

Parameters:

provider - the provider.

Returns:

this.

clientAuth

GrpcServerSecurityConfigurator clientAuth(ServerSecurityConfigurator.ClientAuth clientAuth)

Description copied from interface: ServerSecurityConfigurator

Sets the client authentication mode.

Specified by:

clientAuth in interface ServerSecurityConfigurator

Parameters:

clientAuth - the auth configuration to use.

Returns:

this.

commit

GrpcServerBuilder commit(javax.net.ssl.KeyManagerFactory keyManagerFactory)

Commit configuring server security.

Parameters:

keyManagerFactory - an KeyManagerFactory.

Returns:

Original GrpcServerBuilder that initiated the security configuration process.

commit

GrpcServerBuilder commit(java.util.function.Supplier<java.io.InputStream> keyCertChainSupplier,
                         java.util.function.Supplier<java.io.InputStream> keySupplier)

Commit configuring server security.

Parameters:

keyCertChainSupplier - an Supplier that will provide an input stream for a X.509 certificate chain in PEM format.

The responsibility to call InputStream.close() is transferred to callers of the Supplier. If this is not the desired behavior then wrap the InputStream and override InputStream.close().

keySupplier - an Supplier that will provide an input stream for a KCS#8 private key in PEM format.

The responsibility to call InputStream.close() is transferred to callers of the Supplier. If this is not the desired behavior then wrap the InputStream and override InputStream.close().

Returns:

Original GrpcServerBuilder that initiated the security configuration process.

commit

GrpcServerBuilder commit(java.util.function.Supplier<java.io.InputStream> keyCertChainSupplier,
                         java.util.function.Supplier<java.io.InputStream> keySupplier,
                         java.lang.String keyPassword)

Commit configuring server security.

Parameters:

keyCertChainSupplier - an Supplier that will provide an input stream for a X.509 certificate chain in PEM format.

The responsibility to call InputStream.close() is transferred to callers of the Supplier. If this is not the desired behavior then wrap the InputStream and override InputStream.close().

keySupplier - an Supplier that will provide an input stream for a KCS#8 private key in PEM format.

The responsibility to call InputStream.close() is transferred to callers of the Supplier. If this is not the desired behavior then wrap the InputStream and override InputStream.close().

keyPassword - the password of the keyFile.

Returns:

Original GrpcServerBuilder that initiated the security configuration process.