public interface ClientSecurityConfigurator extends SecurityConfigurator
SecurityConfigurator
contract for clients.SecurityConfigurator.SslProvider
Modifier and Type | Method and Description |
---|---|
ClientSecurityConfigurator |
ciphers(java.lang.Iterable<java.lang.String> ciphers)
The cipher suites to enable, in the order of preference.
|
ClientSecurityConfigurator |
disableHostnameVerification()
Disable verification of the server identity.
|
ClientSecurityConfigurator |
hostnameVerification(java.lang.String hostNameVerificationHost)
Set the host name used to verify the server
identity.
|
ClientSecurityConfigurator |
hostnameVerification(java.lang.String hostNameVerificationHost,
int hostNameVerificationPort)
Set the host name and port used to verify the server
identity.
|
ClientSecurityConfigurator |
hostnameVerification(java.lang.String hostNameVerificationAlgorithm,
java.lang.String hostNameVerificationHost)
Determines what algorithm to use for hostname verification.
|
ClientSecurityConfigurator |
hostnameVerification(java.lang.String hostNameVerificationAlgorithm,
java.lang.String hostNameVerificationHost,
int hostNameVerificationPort)
Determines what algorithm to use for hostname verification.
|
ClientSecurityConfigurator |
hostnameVerificationAlgorithm(java.lang.String hostNameVerificationAlgorithm)
Determines what algorithm to use for hostname verification.
|
ClientSecurityConfigurator |
keyManager(javax.net.ssl.KeyManagerFactory keyManagerFactory)
Identifying certificate for this host.
|
ClientSecurityConfigurator |
keyManager(java.util.function.Supplier<java.io.InputStream> keyCertChainSupplier,
java.util.function.Supplier<java.io.InputStream> keySupplier)
Identifying certificate for this host.
|
ClientSecurityConfigurator |
keyManager(java.util.function.Supplier<java.io.InputStream> keyCertChainSupplier,
java.util.function.Supplier<java.io.InputStream> keySupplier,
java.lang.String keyPassword)
Identifying certificate for this host.
|
ClientSecurityConfigurator |
protocols(java.lang.String... protocols)
The SSL protocols to enable, in the order of preference.
|
ClientSecurityConfigurator |
provider(SecurityConfigurator.SslProvider provider)
Sets the
SecurityConfigurator.SslProvider to use. |
ClientSecurityConfigurator |
sessionCacheSize(long sessionCacheSize)
Set the size of the cache used for storing SSL session objects.
|
ClientSecurityConfigurator |
sessionTimeout(long sessionTimeout)
Set the timeout for the cached SSL session objects, in seconds.
|
ClientSecurityConfigurator |
sniHostname(java.lang.String sniHostname)
Set the SNI host name.
|
ClientSecurityConfigurator |
trustManager(java.util.function.Supplier<java.io.InputStream> trustCertChainSupplier)
Trusted certificates for verifying the remote endpoint's certificate.
|
ClientSecurityConfigurator |
trustManager(javax.net.ssl.TrustManagerFactory trustManagerFactory)
Trust manager for verifying the remote endpoint's certificate.
|
ClientSecurityConfigurator trustManager(java.util.function.Supplier<java.io.InputStream> trustCertChainSupplier)
SecurityConfigurator
X.509
certificate chain in PEM
format.trustManager
in interface SecurityConfigurator
trustCertChainSupplier
- a supplier for the certificate chain input stream.
The responsibility to call InputStream.close()
is transferred to callers of the returned
Supplier
. If this is not the desired behavior then wrap the InputStream
and override
InputStream.close()
.
this
.ClientSecurityConfigurator trustManager(javax.net.ssl.TrustManagerFactory trustManagerFactory)
SecurityConfigurator
TrustManagerFactory
which take preference over any configured Supplier
.trustManager
in interface SecurityConfigurator
trustManagerFactory
- the TrustManagerFactory
to use.this
.ClientSecurityConfigurator protocols(java.lang.String... protocols)
SecurityConfigurator
protocols
in interface SecurityConfigurator
protocols
- the protocols to use.this
.SSLEngine.setEnabledProtocols(String[])
ClientSecurityConfigurator ciphers(java.lang.Iterable<java.lang.String> ciphers)
SecurityConfigurator
ciphers
in interface SecurityConfigurator
ciphers
- the ciphers to use.this
.ClientSecurityConfigurator sessionCacheSize(long sessionCacheSize)
SecurityConfigurator
sessionCacheSize
in interface SecurityConfigurator
sessionCacheSize
- the cache size.this
.ClientSecurityConfigurator sessionTimeout(long sessionTimeout)
SecurityConfigurator
sessionTimeout
in interface SecurityConfigurator
sessionTimeout
- the session timeout.this
.ClientSecurityConfigurator provider(SecurityConfigurator.SslProvider provider)
SecurityConfigurator
SecurityConfigurator.SslProvider
to use.provider
in interface SecurityConfigurator
provider
- the provider.this
.ClientSecurityConfigurator hostnameVerificationAlgorithm(java.lang.String hostNameVerificationAlgorithm)
hostNameVerificationAlgorithm
- The algorithm to use when verifying the host name.
See
Supported algorithm names.this
.SSLParameters.setEndpointIdentificationAlgorithm(String)
ClientSecurityConfigurator hostnameVerification(java.lang.String hostNameVerificationAlgorithm, java.lang.String hostNameVerificationHost)
hostNameVerificationAlgorithm
- The algorithm to use when verifying the host name.
See
Supported algorithm names.hostNameVerificationHost
- the host name used to verify the
server identity.this
.SSLParameters.setEndpointIdentificationAlgorithm(String)
ClientSecurityConfigurator hostnameVerification(java.lang.String hostNameVerificationAlgorithm, java.lang.String hostNameVerificationHost, int hostNameVerificationPort)
hostNameVerificationAlgorithm
- The algorithm to use when verifying the host name.
See
Supported algorithm names.hostNameVerificationHost
- the host name used to verify the
server identity.hostNameVerificationPort
- The port which maybe used to verify the
server identity.this
.SSLParameters.setEndpointIdentificationAlgorithm(String)
ClientSecurityConfigurator hostnameVerification(java.lang.String hostNameVerificationHost)
hostNameVerificationHost
- the host name used to verify the
server identity.this
.ClientSecurityConfigurator hostnameVerification(java.lang.String hostNameVerificationHost, int hostNameVerificationPort)
hostNameVerificationHost
- the host name used to verify the
server identity.hostNameVerificationPort
- The port which maybe used to verify the
server identity.this
.SSLParameters.setEndpointIdentificationAlgorithm(String)
ClientSecurityConfigurator sniHostname(java.lang.String sniHostname)
sniHostname
- The SNI host name.this
.ClientSecurityConfigurator disableHostnameVerification()
this
.ClientSecurityConfigurator keyManager(javax.net.ssl.KeyManagerFactory keyManagerFactory)
keyManagerFactory
may be null
, which disables mutual
authentication. The KeyManagerFactory
which take preference over any configured Supplier
.keyManagerFactory
- an KeyManagerFactory
.this
.ClientSecurityConfigurator keyManager(java.util.function.Supplier<java.io.InputStream> keyCertChainSupplier, java.util.function.Supplier<java.io.InputStream> keySupplier)
keyCertChainInputStream
and keyInputStream
may
be null
, which disables mutual authentication.keyCertChainSupplier
- a Supplier
that will provide an input stream for a X.509
certificate
chain in PEM
format.
The responsibility to call InputStream.close()
is transferred to callers of the Supplier
.
If this is not the desired behavior then wrap the InputStream
and override InputStream.close()
.
keySupplier
- an Supplier
that will provide an input stream for a KCS#8 private key in PEM format.
The responsibility to call InputStream.close()
is transferred to callers of the Supplier
.
If this is not the desired behavior then wrap the InputStream
and override InputStream.close()
.
this
.ClientSecurityConfigurator keyManager(java.util.function.Supplier<java.io.InputStream> keyCertChainSupplier, java.util.function.Supplier<java.io.InputStream> keySupplier, java.lang.String keyPassword)
keyCertChainInputStream
and keyInputStream
may
be null
, which disables mutual authentication.keyCertChainSupplier
- an Supplier
that will provide an input stream for a X.509
certificate
chain in PEM
format.
The responsibility to call InputStream.close()
is transferred to callers of the Supplier
.
If this is not the desired behavior then wrap the InputStream
and override InputStream.close()
.
keySupplier
- an Supplier
that will provide an input stream for a KCS#8 private key in PEM format.
The responsibility to call InputStream.close()
is transferred to callers of the Supplier
.
If this is not the desired behavior then wrap the InputStream
and override InputStream.close()
.
keyPassword
- the password of the keyInputStream
.this
.