Class ServerSslConfigBuilder
- java.lang.Object
-
- io.servicetalk.transport.api.ServerSslConfigBuilder
-
public final class ServerSslConfigBuilder extends java.lang.Object
Default builder forServerSslConfig
objects.
-
-
Constructor Summary
Constructors Constructor Description ServerSslConfigBuilder(java.util.function.Supplier<java.io.InputStream> keyCertChainSupplier, java.util.function.Supplier<java.io.InputStream> keySupplier)
Create a new instance from aInputStream
which providesX.509
certificate chain inPEM
format and aPKCS#8
private key inPEM
format.ServerSslConfigBuilder(java.util.function.Supplier<java.io.InputStream> keyCertChainSupplier, java.util.function.Supplier<java.io.InputStream> keySupplier, java.lang.String keyPassword)
Create a new instance from aInputStream
which providesX.509
certificate chain inPEM
format and aPKCS#8
private key inPEM
format.ServerSslConfigBuilder(javax.net.ssl.KeyManagerFactory kmf)
Create a new instance using theKeyManagerFactory
for SSL/TLS handshakes.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description T
alpnProtocols(java.lang.String... protocols)
Set the TLS ALPN protocols.T
alpnProtocols(java.util.List<java.lang.String> protocols)
Set the TLS ALPN protocols.ServerSslConfig
build()
Build a newServerSslConfig
.T
ciphers(java.lang.String... ciphers)
Set the cipher suites to enable, in the order of preference.T
ciphers(java.util.List<java.lang.String> ciphers)
Set the cipher suites to enable, in the order of preference.ServerSslConfigBuilder
clientAuthMode(SslClientAuthMode clientAuthMode)
Set theSslClientAuthMode
which determines how client authentication should be done.T
provider(SslProvider provider)
Get theSslProvider
to use.T
sessionCacheSize(long sessionCacheSize)
Get the size of the cache used for storing SSL session objects.T
sessionTimeout(long sessionTimeout)
Get the timeout for the cached SSL session objects, in seconds.T
sslProtocols(java.lang.String... protocols)
Set the TLS protocols to enable, in the order of preference.T
sslProtocols(java.util.List<java.lang.String> protocols)
Set the TLS protocols to enable, in the order of preference.protected ServerSslConfigBuilder
thisT()
ServerSslConfigBuilder
trustManager(java.util.function.Supplier<java.io.InputStream> trustCertChainSupplier)
ServerSslConfigBuilder
trustManager(javax.net.ssl.TrustManagerFactory tmf)
-
-
-
Constructor Detail
-
ServerSslConfigBuilder
public ServerSslConfigBuilder(javax.net.ssl.KeyManagerFactory kmf)
Create a new instance using theKeyManagerFactory
for SSL/TLS handshakes.- Parameters:
kmf
- theKeyManagerFactory
to use for the SSL/TLS handshakes.
-
ServerSslConfigBuilder
public ServerSslConfigBuilder(java.util.function.Supplier<java.io.InputStream> keyCertChainSupplier, java.util.function.Supplier<java.io.InputStream> keySupplier)
Create a new instance from aInputStream
which providesX.509
certificate chain inPEM
format and aPKCS#8
private key inPEM
format.- Parameters:
keyCertChainSupplier
- theX.509
certificate chain inPEM
format.Each invocation of the
Supplier
should provide an independent instance ofInputStream
and the caller is responsible for invokingInputStream.close()
.keySupplier
- aInputStream
which provides aPKCS#8
private key in PEM format associated with.Each invocation of the
Supplier
should provide an independent instance ofInputStream
and the caller is responsible for invokingInputStream.close()
.
-
ServerSslConfigBuilder
public ServerSslConfigBuilder(java.util.function.Supplier<java.io.InputStream> keyCertChainSupplier, java.util.function.Supplier<java.io.InputStream> keySupplier, @Nullable java.lang.String keyPassword)
Create a new instance from aInputStream
which providesX.509
certificate chain inPEM
format and aPKCS#8
private key inPEM
format.- Parameters:
keyCertChainSupplier
- theX.509
certificate chain inPEM
format.Each invocation of the
Supplier
should provide an independent instance ofInputStream
and the caller is responsible for invokingInputStream.close()
.keySupplier
- aInputStream
which provides aPKCS#8
private key in PEM format associated with.Each invocation of the
Supplier
should provide an independent instance ofInputStream
and the caller is responsible for invokingInputStream.close()
.keyPassword
- the password required to access the key material fromkeySupplier
.
-
-
Method Detail
-
trustManager
public ServerSslConfigBuilder trustManager(javax.net.ssl.TrustManagerFactory tmf)
-
trustManager
public ServerSslConfigBuilder trustManager(java.util.function.Supplier<java.io.InputStream> trustCertChainSupplier)
-
clientAuthMode
public ServerSslConfigBuilder clientAuthMode(SslClientAuthMode clientAuthMode)
Set theSslClientAuthMode
which determines how client authentication should be done.- Parameters:
clientAuthMode
- theSslClientAuthMode
which determines how client authentication should be done.- Returns:
this
.- See Also:
SSLParameters.getNeedClientAuth()
,SSLParameters.getWantClientAuth()
-
build
public ServerSslConfig build()
Build a newServerSslConfig
.- Returns:
- a new
ServerSslConfig
.
-
thisT
protected ServerSslConfigBuilder thisT()
-
sslProtocols
public T sslProtocols(java.util.List<java.lang.String> protocols)
Set the TLS protocols to enable, in the order of preference.- Parameters:
protocols
- the TLS protocols to enable, in the order of preference.- Returns:
this
.- See Also:
SSLEngine.setEnabledProtocols(String[])
-
sslProtocols
public T sslProtocols(java.lang.String... protocols)
Set the TLS protocols to enable, in the order of preference.- Parameters:
protocols
- the TLS protocols to enable, in the order of preference.- Returns:
this
.- See Also:
SSLEngine.setEnabledProtocols(String[])
-
alpnProtocols
public T alpnProtocols(java.util.List<java.lang.String> protocols)
Set the TLS ALPN protocols.Note that each ALPN protocol typically requires corresponding configuration at the protocol layer and as a result maybe inferred and overridden by the protocol layer.
- Parameters:
protocols
- the TLS ALPN protocols.- Returns:
this
.
-
alpnProtocols
public T alpnProtocols(java.lang.String... protocols)
Set the TLS ALPN protocols.Note that each ALPN protocol typically requires corresponding configuration at the protocol layer and as a result maybe inferred and overridden by the protocol layer.
- Parameters:
protocols
- the TLS ALPN protocols.- Returns:
this
.
-
ciphers
public T ciphers(java.util.List<java.lang.String> ciphers)
Set the cipher suites to enable, in the order of preference.- Parameters:
ciphers
- the ciphers to use.- Returns:
this
.
-
ciphers
public T ciphers(java.lang.String... ciphers)
Set the cipher suites to enable, in the order of preference.- Parameters:
ciphers
- the ciphers to use.- Returns:
this
.
-
sessionCacheSize
public T sessionCacheSize(long sessionCacheSize)
Get the size of the cache used for storing SSL session objects.- Parameters:
sessionCacheSize
- the size of the cache used for storing SSL session objects.- Returns:
this
.- See Also:
SSLSessionContext.setSessionCacheSize(int)
-
sessionTimeout
public T sessionTimeout(long sessionTimeout)
Get the timeout for the cached SSL session objects, in seconds.- Parameters:
sessionTimeout
- the timeout for the cached SSL session objects, in seconds.- Returns:
this
.- See Also:
SSLSessionContext.setSessionTimeout(int)
-
provider
public T provider(SslProvider provider)
Get theSslProvider
to use.- Parameters:
provider
- theSslProvider
to use.- Returns:
this
.
-
-