Package io.servicetalk.transport.api
Interface SslConfig
-
- All Known Subinterfaces:
ClientSslConfig
,ServerSslConfig
public interface SslConfig
Specifies the configuration for TLS/SSL.
-
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description java.util.List<java.lang.String>
alpnProtocols()
Get the TLS ALPN protocols.java.util.List<java.lang.String>
ciphers()
Get the cipher suites to enable, in the order of preference.java.util.function.Supplier<java.io.InputStream>
keyCertChainSupplier()
Get aInputStream
which providesX.509
certificate chain inPEM
format associated withkeySupplier()
.javax.net.ssl.KeyManagerFactory
keyManagerFactory()
Get theKeyManagerFactory
to use for the SSL/TLS handshake.java.lang.String
keyPassword()
Get the password required to access the key material (e.g.java.util.function.Supplier<java.io.InputStream>
keySupplier()
Get aInputStream
which provides aPKCS#8
private key inPEM
format associated withkeyCertChainSupplier()
.SslProvider
provider()
Get theSslProvider
to use.long
sessionCacheSize()
Get the size of the cache used for storing SSL session objects.long
sessionTimeout()
Get the timeout for the cached SSL session objects, in seconds.java.util.List<java.lang.String>
sslProtocols()
Get the TLS protocols to enable, in the order of preference.java.util.function.Supplier<java.io.InputStream>
trustCertChainSupplier()
Get the trusted certificates for verifying the remote endpoint's certificate.javax.net.ssl.TrustManagerFactory
trustManagerFactory()
Get theTrustManagerFactory
used for verifying the remote endpoint's certificate.
-
-
-
Method Detail
-
trustManagerFactory
@Nullable javax.net.ssl.TrustManagerFactory trustManagerFactory()
Get theTrustManagerFactory
used for verifying the remote endpoint's certificate.- Returns:
- the
TrustManagerFactory
used for verifying the remote endpoint's certificate.
-
trustCertChainSupplier
@Nullable java.util.function.Supplier<java.io.InputStream> trustCertChainSupplier()
Get the trusted certificates for verifying the remote endpoint's certificate. The input stream should contain anX.509
certificate chain inPEM
format.- Returns:
- the trusted certificates for verifying the remote endpoint's certificate. The input stream should
contain an
X.509
certificate chain inPEM
format.Each invocation of the
Supplier
should provide an independent instance ofInputStream
and the caller is responsible for invokingInputStream.close()
.
-
keyManagerFactory
@Nullable javax.net.ssl.KeyManagerFactory keyManagerFactory()
Get theKeyManagerFactory
to use for the SSL/TLS handshake.- Returns:
- the
KeyManagerFactory
to use for the SSL/TLS handshake.
-
keyCertChainSupplier
@Nullable java.util.function.Supplier<java.io.InputStream> keyCertChainSupplier()
Get aInputStream
which providesX.509
certificate chain inPEM
format associated withkeySupplier()
.- Returns:
- the certificate chain associated with
keySupplier()
.Each invocation of the
Supplier
should provide an independent instance ofInputStream
and the caller is responsible for invokingInputStream.close()
.
-
keySupplier
@Nullable java.util.function.Supplier<java.io.InputStream> keySupplier()
Get aInputStream
which provides aPKCS#8
private key inPEM
format associated withkeyCertChainSupplier()
.- Returns:
- a
InputStream
which provides aPKCS#8
private key inPEM
format associated withkeyCertChainSupplier()
.Each invocation of the
Supplier
should provide an independent instance ofInputStream
and the caller is responsible for invokingInputStream.close()
.
-
keyPassword
@Nullable java.lang.String keyPassword()
Get the password required to access the key material (e.g. fromkeySupplier()
).- Returns:
- the password required to access the key material (e.g. from
keySupplier()
).
-
sslProtocols
@Nullable java.util.List<java.lang.String> sslProtocols()
Get the TLS protocols to enable, in the order of preference.- Returns:
- the TLS protocols to enable, in the order of preference.
- See Also:
SSLEngine.setEnabledProtocols(String[])
-
alpnProtocols
@Nullable java.util.List<java.lang.String> alpnProtocols()
Get the TLS ALPN protocols.Note that each ALPN protocol typically requires corresponding configuration at the protocol layer and as a result maybe inferred and overridden by the protocol layer.
- Returns:
- the TLS ALPN protocols.
-
ciphers
@Nullable java.util.List<java.lang.String> ciphers()
Get the cipher suites to enable, in the order of preference.- Returns:
- the cipher suites to enable, in the order of preference.
-
sessionCacheSize
long sessionCacheSize()
Get the size of the cache used for storing SSL session objects.- Returns:
- the size of the cache used for storing SSL session objects.
- See Also:
SSLSessionContext.setSessionCacheSize(int)
-
sessionTimeout
long sessionTimeout()
Get the timeout for the cached SSL session objects, in seconds.- Returns:
- the timeout for the cached SSL session objects, in seconds.
- See Also:
SSLSessionContext.setSessionTimeout(int)
-
provider
@Nullable SslProvider provider()
Get theSslProvider
to use.- Returns:
- the
SslProvider
to use.
-
-