Interface GrpcServerSecurityConfigurator
-
- All Superinterfaces:
SecurityConfigurator
,ServerSecurityConfigurator
public interface GrpcServerSecurityConfigurator extends ServerSecurityConfigurator
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from interface io.servicetalk.transport.api.SecurityConfigurator
SecurityConfigurator.SslProvider
-
Nested classes/interfaces inherited from interface io.servicetalk.transport.api.ServerSecurityConfigurator
ServerSecurityConfigurator.ClientAuth
-
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description GrpcServerSecurityConfigurator
ciphers(java.lang.Iterable<java.lang.String> ciphers)
The cipher suites to enable, in the order of preference.GrpcServerSecurityConfigurator
clientAuth(ServerSecurityConfigurator.ClientAuth clientAuth)
Sets the client authentication mode.GrpcServerBuilder
commit(java.util.function.Supplier<java.io.InputStream> keyCertChainSupplier, java.util.function.Supplier<java.io.InputStream> keySupplier)
Commit configuring server security.GrpcServerBuilder
commit(java.util.function.Supplier<java.io.InputStream> keyCertChainSupplier, java.util.function.Supplier<java.io.InputStream> keySupplier, java.lang.String keyPassword)
Commit configuring server security.GrpcServerBuilder
commit(javax.net.ssl.KeyManagerFactory keyManagerFactory)
Commit configuring server security.GrpcServerSecurityConfigurator
protocols(java.lang.String... protocols)
The SSL protocols to enable, in the order of preference.GrpcServerSecurityConfigurator
provider(SecurityConfigurator.SslProvider provider)
Sets theSecurityConfigurator.SslProvider
to use.GrpcServerSecurityConfigurator
sessionCacheSize(long sessionCacheSize)
Set the size of the cache used for storing SSL session objects.GrpcServerSecurityConfigurator
sessionTimeout(long sessionTimeout)
Set the timeout for the cached SSL session objects, in seconds.GrpcServerSecurityConfigurator
trustManager(java.util.function.Supplier<java.io.InputStream> trustCertChainSupplier)
Trusted certificates for verifying the remote endpoint's certificate.GrpcServerSecurityConfigurator
trustManager(javax.net.ssl.TrustManagerFactory trustManagerFactory)
Trust manager for verifying the remote endpoint's certificate.
-
-
-
Method Detail
-
trustManager
GrpcServerSecurityConfigurator trustManager(java.util.function.Supplier<java.io.InputStream> trustCertChainSupplier)
Description copied from interface:SecurityConfigurator
Trusted certificates for verifying the remote endpoint's certificate. The input stream should contain anX.509
certificate chain inPEM
format.- Specified by:
trustManager
in interfaceSecurityConfigurator
- Specified by:
trustManager
in interfaceServerSecurityConfigurator
- Parameters:
trustCertChainSupplier
- a supplier for the certificate chain input stream.The responsibility to call
InputStream.close()
is transferred to callers of the returnedSupplier
. If this is not the desired behavior then wrap theInputStream
and overrideInputStream.close()
.- Returns:
this
.
-
trustManager
GrpcServerSecurityConfigurator trustManager(javax.net.ssl.TrustManagerFactory trustManagerFactory)
Description copied from interface:SecurityConfigurator
Trust manager for verifying the remote endpoint's certificate. TheTrustManagerFactory
which take preference over any configuredSupplier
.- Specified by:
trustManager
in interfaceSecurityConfigurator
- Specified by:
trustManager
in interfaceServerSecurityConfigurator
- Parameters:
trustManagerFactory
- theTrustManagerFactory
to use.- Returns:
this
.
-
protocols
GrpcServerSecurityConfigurator protocols(java.lang.String... protocols)
Description copied from interface:SecurityConfigurator
The SSL protocols to enable, in the order of preference.- Specified by:
protocols
in interfaceSecurityConfigurator
- Specified by:
protocols
in interfaceServerSecurityConfigurator
- Parameters:
protocols
- the protocols to use.- Returns:
this
.- See Also:
SSLEngine.setEnabledProtocols(String[])
-
ciphers
GrpcServerSecurityConfigurator ciphers(java.lang.Iterable<java.lang.String> ciphers)
Description copied from interface:SecurityConfigurator
The cipher suites to enable, in the order of preference.- Specified by:
ciphers
in interfaceSecurityConfigurator
- Specified by:
ciphers
in interfaceServerSecurityConfigurator
- Parameters:
ciphers
- the ciphers to use.- Returns:
this
.
-
sessionCacheSize
GrpcServerSecurityConfigurator sessionCacheSize(long sessionCacheSize)
Description copied from interface:SecurityConfigurator
Set the size of the cache used for storing SSL session objects.- Specified by:
sessionCacheSize
in interfaceSecurityConfigurator
- Specified by:
sessionCacheSize
in interfaceServerSecurityConfigurator
- Parameters:
sessionCacheSize
- the cache size.- Returns:
this
.
-
sessionTimeout
GrpcServerSecurityConfigurator sessionTimeout(long sessionTimeout)
Description copied from interface:SecurityConfigurator
Set the timeout for the cached SSL session objects, in seconds.- Specified by:
sessionTimeout
in interfaceSecurityConfigurator
- Specified by:
sessionTimeout
in interfaceServerSecurityConfigurator
- Parameters:
sessionTimeout
- the session timeout.- Returns:
this
.
-
provider
GrpcServerSecurityConfigurator provider(SecurityConfigurator.SslProvider provider)
Description copied from interface:SecurityConfigurator
Sets theSecurityConfigurator.SslProvider
to use.- Specified by:
provider
in interfaceSecurityConfigurator
- Specified by:
provider
in interfaceServerSecurityConfigurator
- Parameters:
provider
- the provider.- Returns:
this
.
-
clientAuth
GrpcServerSecurityConfigurator clientAuth(ServerSecurityConfigurator.ClientAuth clientAuth)
Description copied from interface:ServerSecurityConfigurator
Sets the client authentication mode.- Specified by:
clientAuth
in interfaceServerSecurityConfigurator
- Parameters:
clientAuth
- the auth configuration to use.- Returns:
this
.
-
commit
GrpcServerBuilder commit(javax.net.ssl.KeyManagerFactory keyManagerFactory)
Commit configuring server security.- Parameters:
keyManagerFactory
- anKeyManagerFactory
.- Returns:
- Original
GrpcServerBuilder
that initiated the security configuration process.
-
commit
GrpcServerBuilder commit(java.util.function.Supplier<java.io.InputStream> keyCertChainSupplier, java.util.function.Supplier<java.io.InputStream> keySupplier)
Commit configuring server security.- Parameters:
keyCertChainSupplier
- anSupplier
that will provide an input stream for aX.509
certificate chain inPEM
format.The responsibility to call
InputStream.close()
is transferred to callers of theSupplier
. If this is not the desired behavior then wrap theInputStream
and overrideInputStream.close()
.keySupplier
- anSupplier
that will provide an input stream for aKCS#8
private key inPEM
format.The responsibility to call
InputStream.close()
is transferred to callers of theSupplier
. If this is not the desired behavior then wrap theInputStream
and overrideInputStream.close()
.- Returns:
- Original
GrpcServerBuilder
that initiated the security configuration process.
-
commit
GrpcServerBuilder commit(java.util.function.Supplier<java.io.InputStream> keyCertChainSupplier, java.util.function.Supplier<java.io.InputStream> keySupplier, java.lang.String keyPassword)
Commit configuring server security.- Parameters:
keyCertChainSupplier
- anSupplier
that will provide an input stream for aX.509
certificate chain inPEM
format.The responsibility to call
InputStream.close()
is transferred to callers of theSupplier
. If this is not the desired behavior then wrap theInputStream
and overrideInputStream.close()
.keySupplier
- anSupplier
that will provide an input stream for aKCS#8
private key inPEM
format.The responsibility to call
InputStream.close()
is transferred to callers of theSupplier
. If this is not the desired behavior then wrap theInputStream
and overrideInputStream.close()
.keyPassword
- the password of thekeyFile
.- Returns:
- Original
GrpcServerBuilder
that initiated the security configuration process.
-
-