public class ClientSecurityConfig extends ReadOnlyClientSecurityConfig
Modifier and Type | Field and Description |
---|---|
protected java.util.function.Supplier<java.io.InputStream> |
keyCertChainSupplier |
protected javax.net.ssl.KeyManagerFactory |
keyManagerFactory |
protected java.lang.String |
keyPassword |
protected java.util.function.Supplier<java.io.InputStream> |
keySupplier |
hostnameVerificationAlgorithm, hostNameVerificationHost, hostNameVerificationPort, sniHostname
Constructor and Description |
---|
ClientSecurityConfig(java.lang.String serverHostname,
int serverPort)
Creates new instance.
|
Modifier and Type | Method and Description |
---|---|
ReadOnlyClientSecurityConfig |
asReadOnly()
Returns this config as a
ReadOnlyClientSecurityConfig . |
void |
ciphers(java.lang.Iterable<java.lang.String> ciphers)
The cipher suites to enable, in the order of preference.
|
void |
disableHostnameVerification()
Disable verification of the server identity.
|
void |
hostNameVerification(java.lang.String hostNameVerificationHost)
Set the host name used to verify the server
identity.
|
void |
hostNameVerification(java.lang.String hostNameVerificationHost,
int hostNameVerificationPort)
Set the host name and port used to verify the server
identity.
|
void |
hostNameVerification(java.lang.String hostNameVerificationAlgorithm,
java.lang.String hostNameVerificationHost)
Determines what algorithm to use for hostname verification.
|
void |
hostNameVerification(java.lang.String hostNameVerificationAlgorithm,
java.lang.String hostNameVerificationHost,
int hostNameVerificationPort)
Determines what algorithm to use for hostname verification.
|
void |
hostNameVerificationAlgorithm(java.lang.String hostNameVerificationAlgorithm)
Determines what algorithm to use for hostname verification.
|
void |
keyManager(javax.net.ssl.KeyManagerFactory keyManagerFactory)
Identifying certificate for this host.
|
void |
keyManager(java.util.function.Supplier<java.io.InputStream> keyCertChainSupplier,
java.util.function.Supplier<java.io.InputStream> keySupplier)
Identifying certificate for this host.
|
void |
keyManager(java.util.function.Supplier<java.io.InputStream> keyCertChainSupplier,
java.util.function.Supplier<java.io.InputStream> keySupplier,
java.lang.String keyPassword)
Identifying certificate for this host.
|
void |
protocols(java.lang.String... protocols)
The SSL protocols to enable, in the order of preference.
|
void |
provider(SecurityConfigurator.SslProvider provider)
Sets the
SecurityConfigurator.SslProvider to use. |
void |
sessionCacheSize(long sessionCacheSize)
Set the size of the cache used for storing SSL session objects.
|
void |
sessionTimeout(long sessionTimeout)
Set the timeout for the cached SSL session objects, in seconds.
|
void |
sniHostname(java.lang.String sniHostname)
Set the SNI host name.
|
void |
trustManager(java.util.function.Supplier<java.io.InputStream> trustCertChainSupplier)
Trusted certificates for verifying the remote endpoint's certificate.
|
void |
trustManager(javax.net.ssl.TrustManagerFactory trustManagerFactory)
Trust manager for verifying the remote endpoint's certificate.
|
hostnameVerificationAlgorithm, hostnameVerificationHost, hostnameVerificationPort, sniHostname
@Nullable protected javax.net.ssl.KeyManagerFactory keyManagerFactory
protected java.util.function.Supplier<java.io.InputStream> keyCertChainSupplier
protected java.util.function.Supplier<java.io.InputStream> keySupplier
@Nullable protected java.lang.String keyPassword
public ClientSecurityConfig(java.lang.String serverHostname, int serverPort)
serverHostname
- Hostname for the server.serverPort
- Port for the server.public void hostNameVerificationAlgorithm(java.lang.String hostNameVerificationAlgorithm)
hostNameVerificationAlgorithm
- The algorithm to use when verifying the host name.public void hostNameVerification(java.lang.String hostNameVerificationAlgorithm, java.lang.String hostNameVerificationHost)
hostNameVerificationAlgorithm
- The algorithm to use when verifying the host name.hostNameVerificationHost
- the host name used to verify the
server identity.public void hostNameVerification(java.lang.String hostNameVerificationAlgorithm, java.lang.String hostNameVerificationHost, int hostNameVerificationPort)
hostNameVerificationAlgorithm
- The algorithm to use when verifying the host name.hostNameVerificationHost
- the host name used to verify the
server identity.hostNameVerificationPort
- The port which maybe used to verify the
server identity.public void hostNameVerification(java.lang.String hostNameVerificationHost)
hostNameVerificationHost
- the host name used to verify the
server identity.public void hostNameVerification(java.lang.String hostNameVerificationHost, int hostNameVerificationPort)
hostNameVerificationHost
- the host name used to verify the
server identity.hostNameVerificationPort
- The port which maybe used to verify the
server identity.public void sniHostname(java.lang.String sniHostname)
sniHostname
- The SNI host name.public void disableHostnameVerification()
public void trustManager(java.util.function.Supplier<java.io.InputStream> trustCertChainSupplier)
X.509
certificate chain in PEM
format.trustCertChainSupplier
- a supplier for the certificate chain input stream.public void trustManager(javax.net.ssl.TrustManagerFactory trustManagerFactory)
TrustManagerFactory
which take preference over any configured Supplier
.trustManagerFactory
- the TrustManagerFactory
to use.public void protocols(java.lang.String... protocols)
protocols
- the protocols to use.public void ciphers(java.lang.Iterable<java.lang.String> ciphers)
ciphers
- the ciphers to use.public void sessionCacheSize(long sessionCacheSize)
sessionCacheSize
- the cache size.public void sessionTimeout(long sessionTimeout)
sessionTimeout
- the session timeout.public void provider(SecurityConfigurator.SslProvider provider)
SecurityConfigurator.SslProvider
to use.provider
- the provider.public void keyManager(javax.net.ssl.KeyManagerFactory keyManagerFactory)
keyManagerFactory
may be null
, which disables mutual
authentication. The KeyManagerFactory
which take preference over any configured Supplier
.keyManagerFactory
- an KeyManagerFactory
.public void keyManager(java.util.function.Supplier<java.io.InputStream> keyCertChainSupplier, java.util.function.Supplier<java.io.InputStream> keySupplier)
keyCertChainInputStream
and keyInputStream
may
be null
, which disables mutual authentication.keyCertChainSupplier
- a Supplier
that will provide an input stream for a X.509
certificate
chain in PEM
format.keySupplier
- an Supplier
that will provide an input stream for a KCS#8 private key in PEM format.public void keyManager(java.util.function.Supplier<java.io.InputStream> keyCertChainSupplier, java.util.function.Supplier<java.io.InputStream> keySupplier, java.lang.String keyPassword)
keyCertChainInputStream
and keyInputStream
may
be null
, which disables mutual authentication.keyCertChainSupplier
- an Supplier
that will provide an input stream for a X.509
certificate
chain in PEM
format.keySupplier
- an Supplier
that will provide an input stream for a KCS#8 private key in PEM format.keyPassword
- the password of the keyInputStream
.public ReadOnlyClientSecurityConfig asReadOnly()
ReadOnlyClientSecurityConfig
.ReadOnlyClientSecurityConfig
.