Package org.kiwiproject.config

Class TlsContextConfiguration

java.lang.Object

org.kiwiproject.config.TlsContextConfiguration

All Implemented Interfaces:

KeyAndTrustStoreConfigProvider, TrustStoreConfigProvider

public class TlsContextConfiguration
extends Object
implements KeyAndTrustStoreConfigProvider

Configuration for standard/common properties required for secure TLS connections.

As this is a configuration class that supports population from external configuration, it is mutable

NOTE: This requires dropwizard-client as a dependency.

Constructor Summary

Constructors

Constructor	Description
TlsContextConfiguration()

Method Summary

Modifier and Type	Method	Description
static TlsContextConfiguration	fromDropwizardTlsConfiguration(io.dropwizard.client.ssl.TlsConfiguration tlsConfig)	Given a Dropwizard TlsConfiguration, create a new TlsContextConfiguration.
io.dropwizard.client.ssl.TlsConfiguration	toDropwizardTlsConfiguration()	Convert this TlsContextConfiguration into a Dropwizard TlsConfiguration object.
SSLContextConfiguration	toSslContextConfiguration()	Convert this configuration into a SSLContextConfiguration.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.kiwiproject.security.KeyAndTrustStoreConfigProvider

getKeyStorePassword, getKeyStorePath, getKeyStoreType, toSSLContext

Methods inherited from interface org.kiwiproject.security.TrustStoreConfigProvider

getProtocol, getTrustStorePassword, getTrustStorePath, getTrustStoreType, isVerifyHostname, toSslSocketFactory

Constructor Detail

TlsContextConfiguration

public TlsContextConfiguration()

Method Detail

fromDropwizardTlsConfiguration

public static TlsContextConfiguration fromDropwizardTlsConfiguration(io.dropwizard.client.ssl.TlsConfiguration tlsConfig)

Given a Dropwizard TlsConfiguration, create a new TlsContextConfiguration.

Even though TlsContextConfiguration does not permit null trust store properties (per the validation annotations), the TlsConfiguration does. If we encounter this sitation, we will be lenient; even though this could possibly cause downstream problems, we will jsut assume the caller knows what it is doing.

Parameters:

tlsConfig - the Dropwizard TlsConfiguration from which to pull information

Returns:

a new TlsContextConfiguration instance

Implementation Note:

Currently we do not support supportedCiphers or certAlias, which Dropwizard does.

toDropwizardTlsConfiguration

public io.dropwizard.client.ssl.TlsConfiguration toDropwizardTlsConfiguration()

Convert this TlsContextConfiguration into a Dropwizard TlsConfiguration object. Assumes that this object is valid.

Returns:

a new Dropwizard TlsConfiguration instance

Implementation Note:

Requires dropwizard-client as a dependency

toSslContextConfiguration

public SSLContextConfiguration toSslContextConfiguration()

Convert this configuration into a SSLContextConfiguration.

Note that the conversion is "lossy" since SSLContextConfiguration does not currently have a separate trustStoreType property. As a result the key store type in this instance is used to set the keyStoreType on the returned instance, which is used as both the key and trust store type. Usually this won't be an issue, as (at least in our experience) people normally use the same type of key and trust stores.

The SSLContextConfiguration also does not have supportedProtocols, so that information is lost in the conversion.

Returns:

the new SSLContextConfiguration instance