io.servicetalk.transport.netty.internal

Class ServerSecurityConfig

java.lang.Object

io.servicetalk.transport.netty.internal.ReadOnlyServerSecurityConfig

io.servicetalk.transport.netty.internal.ServerSecurityConfig

public class ServerSecurityConfig
extends ReadOnlyServerSecurityConfig

Server security configuration.

Field Summary

Fields

Modifier and Type	Field and Description
protected java.util.function.Supplier<java.io.InputStream>	keyCertChainSupplier
protected javax.net.ssl.KeyManagerFactory	keyManagerFactory
protected java.lang.String	keyPassword
protected java.util.function.Supplier<java.io.InputStream>	keySupplier

Fields inherited from class io.servicetalk.transport.netty.internal.ReadOnlyServerSecurityConfig

clientAuth

Constructor Summary

Constructors

Constructor and Description
ServerSecurityConfig()

Method Summary

Modifier and Type	Method and Description
ReadOnlyServerSecurityConfig	asReadOnly() Returns this config as a ReadOnlyServerSecurityConfig.
void	ciphers(java.lang.Iterable<java.lang.String> ciphers) The cipher suites to enable, in the order of preference.
void	clientAuth(ServerSecurityConfigurator.ClientAuth clientAuth) Sets the client authentication mode.
void	keyManager(javax.net.ssl.KeyManagerFactory keyManagerFactory) Identifying certificate for this host.
void	keyManager(java.util.function.Supplier<java.io.InputStream> keyCertChainSupplier, java.util.function.Supplier<java.io.InputStream> keySupplier) Identifying certificate for this host.
void	keyManager(java.util.function.Supplier<java.io.InputStream> keyCertChainSupplier, java.util.function.Supplier<java.io.InputStream> keySupplier, java.lang.String keyPassword) Identifying certificate for this host.
void	protocols(java.lang.String... protocols) The SSL protocols to enable, in the order of preference.
void	provider(SecurityConfigurator.SslProvider provider) Sets the SecurityConfigurator.SslProvider to use.
void	sessionCacheSize(long sessionCacheSize) Set the size of the cache used for storing SSL session objects.
void	sessionTimeout(long sessionTimeout) Set the timeout for the cached SSL session objects, in seconds.
void	trustManager(java.util.function.Supplier<java.io.InputStream> trustCertChainSupplier) Trusted certificates for verifying the remote endpoint's certificate.
void	trustManager(javax.net.ssl.TrustManagerFactory trustManagerFactory) Trust manager for verifying the remote endpoint's certificate.

Methods inherited from class io.servicetalk.transport.netty.internal.ReadOnlyServerSecurityConfig

clientAuth

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

keyManagerFactory

@Nullable
protected javax.net.ssl.KeyManagerFactory keyManagerFactory

keyCertChainSupplier

protected java.util.function.Supplier<java.io.InputStream> keyCertChainSupplier

keySupplier

protected java.util.function.Supplier<java.io.InputStream> keySupplier

keyPassword

@Nullable
protected java.lang.String keyPassword

Constructor Detail

ServerSecurityConfig

public ServerSecurityConfig()

Method Detail

trustManager

public void trustManager(java.util.function.Supplier<java.io.InputStream> trustCertChainSupplier)

Trusted certificates for verifying the remote endpoint's certificate. The input stream should contain an X.509 certificate chain in PEM format.

Parameters:

trustCertChainSupplier - a supplier for the certificate chain input stream.

trustManager

public void trustManager(javax.net.ssl.TrustManagerFactory trustManagerFactory)

Trust manager for verifying the remote endpoint's certificate. The TrustManagerFactory which take preference over any configured Supplier.

Parameters:

trustManagerFactory - the TrustManagerFactory to use.

protocols

public void protocols(java.lang.String... protocols)

The SSL protocols to enable, in the order of preference.

Parameters:

protocols - the protocols to use.

ciphers

public void ciphers(java.lang.Iterable<java.lang.String> ciphers)

The cipher suites to enable, in the order of preference.

Parameters:

ciphers - the ciphers to use.

sessionCacheSize

public void sessionCacheSize(long sessionCacheSize)

Set the size of the cache used for storing SSL session objects.

Parameters:

sessionCacheSize - the cache size.

sessionTimeout

public void sessionTimeout(long sessionTimeout)

Set the timeout for the cached SSL session objects, in seconds.

Parameters:

sessionTimeout - the session timeout.

provider

public void provider(SecurityConfigurator.SslProvider provider)

Sets the SecurityConfigurator.SslProvider to use.

Parameters:

provider - the provider.

keyManager

public void keyManager(javax.net.ssl.KeyManagerFactory keyManagerFactory)

Identifying certificate for this host. keyManagerFactory may be null, which disables mutual authentication. The KeyManagerFactory which take preference over any configured Supplier.

Parameters:

keyManagerFactory - an KeyManagerFactory.

keyManager

public void keyManager(java.util.function.Supplier<java.io.InputStream> keyCertChainSupplier,
                       java.util.function.Supplier<java.io.InputStream> keySupplier)

Identifying certificate for this host. keyCertChainInputStream and keyInputStream may be null, which disables mutual authentication.

Parameters:

keyCertChainSupplier - a Supplier that will provide an input stream for a X.509 certificate chain in PEM format.

keySupplier - an Supplier that will provide an input stream for a KCS#8 private key in PEM format.

keyManager

public void keyManager(java.util.function.Supplier<java.io.InputStream> keyCertChainSupplier,
                       java.util.function.Supplier<java.io.InputStream> keySupplier,
                       java.lang.String keyPassword)

Identifying certificate for this host. keyCertChainInputStream and keyInputStream may be null, which disables mutual authentication.

Parameters:

keyCertChainSupplier - an Supplier that will provide an input stream for a X.509 certificate chain in PEM format.

keySupplier - an Supplier that will provide an input stream for a KCS#8 private key in PEM format.

keyPassword - the password of the keyInputStream.

clientAuth

public void clientAuth(ServerSecurityConfigurator.ClientAuth clientAuth)

Sets the client authentication mode.

Parameters:

clientAuth - the auth configuration to use.

asReadOnly

public ReadOnlyServerSecurityConfig asReadOnly()

Returns this config as a ReadOnlyServerSecurityConfig.

Returns:

This config as a ReadOnlyServerSecurityConfig.