Package org.kiwiproject.config

Class SSLContextConfiguration

java.lang.Object

org.kiwiproject.config.SSLContextConfiguration

All Implemented Interfaces:

KeyAndTrustStoreConfigProvider, TrustStoreConfigProvider

Direct Known Subclasses:

SecureEndpointsConfiguration

public class SSLContextConfiguration
extends Object
implements KeyAndTrustStoreConfigProvider

Configuration for standard/common properties required for secure (i.e. SSL/TLS) connections.

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	SSLContextConfiguration.Builder	A builder class for SSLContextConfiguration.

Constructor Summary

Constructors

Constructor	Description
SSLContextConfiguration()

Method Summary

Modifier and Type	Method	Description
static SSLContextConfiguration.Builder	builder()	Return a new builder instance.
String	getKeyStorePassword()	The key store password (plain text).
String	getKeyStorePath()	The path to the key store.
String	getKeyStoreType()	Key store type.
String	getProtocol()	The protocol to use.
String	getTrustStorePassword()	The trust store password (plain text).
String	getTrustStorePath()	The path to the trust store.
String	getTrustStoreType()	Trust store type.
boolean	isDisableSniHostCheck()
boolean	isVerifyHostname()	Defaults to true.
void	setDisableSniHostCheck(boolean disableSniHostCheck)
void	setKeyStorePassword(String keyStorePassword)
void	setKeyStorePath(String keyStorePath)
void	setKeyStoreType(String keyStoreType)
void	setProtocol(String protocol)
void	setTrustStorePassword(String trustStorePassword)
void	setTrustStorePath(String trustStorePath)
void	setTrustStoreType(String trustStoreType)
void	setVerifyHostname(boolean verifyHostname)
SimpleSSLContextFactory	toSimpleSSLContextFactory()	Convert this configuration to a SimpleSSLContextFactory.
SSLContext	toSSLContext()	Convert this instance to a new SSLContext.
TlsContextConfiguration	toTlsContextConfiguration()	Convert this SSLContextConfiguration to a TlsContextConfiguration.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.kiwiproject.security.TrustStoreConfigProvider

toSslSocketFactory

Constructor Details

SSLContextConfiguration

public SSLContextConfiguration()

Method Details

builder

public static SSLContextConfiguration.Builder builder()

Return a new builder instance.

Returns:

builder instance

toSSLContext

public SSLContext toSSLContext()

Convert this instance to a new SSLContext.

If you would rather not create a new instance every time, use toSimpleSSLContextFactory() to obtain a factory that will always return the same SSLContext instance.

Specified by:

toSSLContext in interface KeyAndTrustStoreConfigProvider

Specified by:

toSSLContext in interface TrustStoreConfigProvider

Returns:

a new SSLContext instance

See Also:

• KiwiSecurity.createSslContext(String, String, String, String, String, String, String)

Implementation Note:

This will always create a new instance, first creating a new SimpleSSLContextFactory and then using that to create the SSLContext.

toSimpleSSLContextFactory

public SimpleSSLContextFactory toSimpleSSLContextFactory()

Convert this configuration to a SimpleSSLContextFactory.

Returns:

a new instance

toTlsContextConfiguration

public TlsContextConfiguration toTlsContextConfiguration()

Convert this SSLContextConfiguration to a TlsContextConfiguration.

Returns:

a new TlsContextConfiguration instance

getKeyStorePath

public String getKeyStorePath()

Description copied from interface: KeyAndTrustStoreConfigProvider

The path to the key store.

Specified by:

getKeyStorePath in interface KeyAndTrustStoreConfigProvider

Returns:

key store path

getKeyStorePassword

public String getKeyStorePassword()

Description copied from interface: KeyAndTrustStoreConfigProvider

The key store password (plain text).

Specified by:

getKeyStorePassword in interface KeyAndTrustStoreConfigProvider

Returns:

key store password

getTrustStorePath

public String getTrustStorePath()

Description copied from interface: TrustStoreConfigProvider

The path to the trust store.

Specified by:

getTrustStorePath in interface TrustStoreConfigProvider

Returns:

path to trust store

getTrustStorePassword

public String getTrustStorePassword()

Description copied from interface: TrustStoreConfigProvider

The trust store password (plain text).

Specified by:

getTrustStorePassword in interface TrustStoreConfigProvider

Returns:

trust store password

getProtocol

public String getProtocol()

Description copied from interface: TrustStoreConfigProvider

The protocol to use. Consider using SSLContextProtocol to ensure valid protocols.

Specified by:

getProtocol in interface TrustStoreConfigProvider

Returns:

protocol

See Also:

• SSLContextProtocol

getKeyStoreType

public String getKeyStoreType()

Description copied from interface: KeyAndTrustStoreConfigProvider

Key store type. Default is JKS.

Specified by:

getKeyStoreType in interface KeyAndTrustStoreConfigProvider

Returns:

key store type

See Also:

• KeyStoreType.JKS

getTrustStoreType

public String getTrustStoreType()

Description copied from interface: TrustStoreConfigProvider

Trust store type. Default is JKS.

Specified by:

getTrustStoreType in interface TrustStoreConfigProvider

Returns:

trust store type

See Also:

• KeyStoreType.JKS

isVerifyHostname

public boolean isVerifyHostname()

Description copied from interface: TrustStoreConfigProvider

Defaults to true.

Specified by:

isVerifyHostname in interface TrustStoreConfigProvider

Returns:

true if hostname verification should be performed

isDisableSniHostCheck

public boolean isDisableSniHostCheck()

setKeyStorePath

public void setKeyStorePath(String keyStorePath)

setKeyStorePassword

public void setKeyStorePassword(String keyStorePassword)

setTrustStorePath

public void setTrustStorePath(String trustStorePath)

setTrustStorePassword

public void setTrustStorePassword(String trustStorePassword)

setProtocol

public void setProtocol(String protocol)

setKeyStoreType

public void setKeyStoreType(String keyStoreType)

setTrustStoreType

public void setTrustStoreType(String trustStoreType)

setVerifyHostname

public void setVerifyHostname(boolean verifyHostname)

setDisableSniHostCheck

public void setDisableSniHostCheck(boolean disableSniHostCheck)