Module io.helidon.common.tls
Package io.helidon.common.tls
Class TlsConfig.BuilderBase.TlsConfigImpl
java.lang.Object
io.helidon.common.tls.TlsConfig.BuilderBase.TlsConfigImpl
- All Implemented Interfaces:
Prototype.Api, Prototype.Factory<Tls>, TlsConfig, Supplier<Tls>
- Enclosing class:
TlsConfig.BuilderBase<BUILDER extends TlsConfig.BuilderBase<BUILDER, PROTOTYPE>, PROTOTYPE extends TlsConfig>
protected static class TlsConfig.BuilderBase.TlsConfigImpl
extends Object
implements TlsConfig, Supplier<Tls>
Generated implementation of the prototype, can be extended by descendant prototype implementations.
-
Nested Class Summary
Nested classes/interfaces inherited from interface io.helidon.common.tls.TlsConfig
TlsConfig.Builder, TlsConfig.BuilderBase<BUILDER extends TlsConfig.BuilderBase<BUILDER, PROTOTYPE>, PROTOTYPE extends TlsConfig>
-
Field Summary
Fields (modifier and type, field: description)
static final String DEFAULT_PROTOCOL: The default protocol is set to "TLS".
static final int DEFAULT_SESSION_CACHE_SIZE: The default session cache size as defined for unset value in SSLSessionContext.getSessionCacheSize().
static final String DEFAULT_SESSION_TIMEOUT: The default session timeout as defined for unset value in SSLSessionContext.getSessionTimeout().
-
Constructor Summary
Constructors (modifier, constructor: description)
protected TlsConfigImpl(TlsConfig.BuilderBase<?, ?> builder): Create an instance providing a builder.
-
Method Summary
Methods (modifier and type where shown, method: description)
applicationProtocols(): Configure list of supported application protocols (such as h2) for application layer protocol negotiation (ALPN).
build(): Create a new instance of the runtime type from this config object.
clientAuth(): Configure requirement for mutual TLS.
boolean enabled(): Flag indicating whether Tls is enabled.
enabledCipherSuites(): Enabled cipher suites for TLS communication.
enabledProtocols(): Enabled protocols for TLS communication.
endpointIdentificationAlgorithm(): Identification algorithm for SSL endpoints.
boolean equals(Object)
get()
int hashCode()
internalKeystoreProvider(): Provider of the key stores used internally to create a key and trust manager factories.
internalKeystoreType(): Type of the key stores used internally to create a key and trust manager factories.
keyManagerFactoryAlgorithm(): Algorithm of the key manager factory used when private key is defined.
keyManagerFactoryProvider(): Key manager factory provider.
manager(): The Tls manager.
privateKey(): Private key to use.
privateKeyCertChain(): Certificate chain of the private key.
protocol(): Configure the protocol used to obtain an instance of SSLContext.
provider(): Use explicit provider to obtain an instance of SSLContext.
revocation(): Certificate revocation check configuration.
secureRandom(): Explicit secure random to use.
secureRandomAlgorithm(): Algorithm to use when creating a new secure random.
secureRandomProvider(): Provider to use when creating a new secure random.
int sessionCacheSize(): SSL session cache size.
sessionTimeout(): SSL session timeout.
sslContext(): Provide a fully configured SSLContext.
sslParameters(): Configure SSL parameters.
toString()
trust(): List of certificates that form the trust manager.
boolean trustAll(): Trust any certificate provided by the other side of communication.
trustManagerFactoryAlgorithm(): Trust manager factory algorithm.
trustManagerFactoryProvider(): Trust manager factory provider to use.
-
Field Details
-
DEFAULT_PROTOCOL
The default protocol is set to "TLS".
-
DEFAULT_SESSION_CACHE_SIZE
static final int DEFAULT_SESSION_CACHE_SIZE
The default session cache size as defined for unset value in SSLSessionContext.getSessionCacheSize().
-
DEFAULT_SESSION_TIMEOUT
The default session timeout as defined for unset value in SSLSessionContext.getSessionTimeout().
-
-
Constructor Details
-
TlsConfigImpl
Create an instance providing a builder.
- Parameters:
builder - extending builder base of this prototype
-
-
Method Details
-
build
Description copied from interface: Prototype.Factory
Create a new instance of the runtime type from this config object.
- Specified by:
build in interface Prototype.Factory<Tls>
- Returns:
- new configured runtime instance
-
get
-
sslContext
Description copied from interface: TlsConfig
Provide a fully configured SSLContext. If defined, context related configuration is ignored.
- Specified by:
sslContext in interface TlsConfig
- Returns:
- SSL context to use
-
privateKey
Description copied from interface: TlsConfig
Private key to use. For server side TLS, this is required. For client side TLS, this is optional (used when mutual TLS is enabled).
- Specified by:
privateKey in interface TlsConfig
- Returns:
- private key to use
-
privateKeyCertChain
Description copied from interface: TlsConfig
Certificate chain of the private key.
- Specified by:
privateKeyCertChain in interface TlsConfig
- Returns:
- private key certificate chain, only used when private key is configured
-
trust
Description copied from interface: TlsConfig
List of certificates that form the trust manager.
-
manager
Description copied from interface: TlsConfig
The Tls manager. If one is not explicitly defined in the config then a default manager will be created.
-
secureRandom
Description copied from interface: TlsConfig
Explicit secure random to use.
- Specified by:
secureRandom in interface TlsConfig
- Returns:
- secure random to use
-
sslParameters
Description copied from interface: TlsConfig
Configure SSL parameters. This will always have a value, as we compute ssl parameters in a builder interceptor from configured options.
- Specified by:
sslParameters in interface TlsConfig
- Returns:
- SSL parameters to use
-
secureRandomProvider
Description copied from interface: TlsConfig
Provider to use when creating a new secure random. When defined, TlsConfig.secureRandomAlgorithm() must be defined as well.
- Specified by:
secureRandomProvider in interface TlsConfig
- Returns:
- provider to use, by default no provider is specified
-
secureRandomAlgorithm
Description copied from interface: TlsConfig
Algorithm to use when creating a new secure random.
- Specified by:
secureRandomAlgorithm in interface TlsConfig
- Returns:
- algorithm to use, by default uses SecureRandom constructor
-
keyManagerFactoryAlgorithm
Description copied from interface: TlsConfig
Algorithm of the key manager factory used when private key is defined. Defaults to KeyManagerFactory.getDefaultAlgorithm().
- Specified by:
keyManagerFactoryAlgorithm in interface TlsConfig
- Returns:
- algorithm to use
-
keyManagerFactoryProvider
Description copied from interface: TlsConfig
Key manager factory provider.
- Specified by:
keyManagerFactoryProvider in interface TlsConfig
- Returns:
- provider to use
-
trustManagerFactoryAlgorithm
Description copied from interface: TlsConfig
Trust manager factory algorithm.
- Specified by:
trustManagerFactoryAlgorithm in interface TlsConfig
- Returns:
- algorithm to use
-
trustManagerFactoryProvider
Description copied from interface: TlsConfig
Trust manager factory provider to use.
- Specified by:
trustManagerFactoryProvider in interface TlsConfig
- Returns:
- provider to use
-
applicationProtocols
Description copied from interface: TlsConfig
Configure list of supported application protocols (such as h2) for application layer protocol negotiation (ALPN).
- Specified by:
applicationProtocols in interface TlsConfig
- Returns:
- application protocols
-
endpointIdentificationAlgorithm
Description copied from interface: TlsConfig
Identification algorithm for SSL endpoints.
- Specified by:
endpointIdentificationAlgorithm in interface TlsConfig
- Returns:
- configure endpoint identification algorithm, or set to NONE to disable endpoint identification (equivalent to hostname verification). Defaults to "HTTPS"
-
enabled
public boolean enabled()
Description copied from interface: TlsConfig
Flag indicating whether Tls is enabled.
-
trustAll
public boolean trustAll()
Description copied from interface: TlsConfig
Trust any certificate provided by the other side of communication.
This is a dangerous setting: if set to true, any certificate will be accepted, throwing away most of the security advantages of TLS. NEVER do this in production.
-
clientAuth
Description copied from interface: TlsConfig
Configure requirement for mutual TLS.
- Specified by:
clientAuth in interface TlsConfig
- Returns:
- what type of mutual TLS to use, defaults to TlsClientAuth.NONE
-
protocol
Description copied from interface: TlsConfig
Configure the protocol used to obtain an instance of SSLContext.
-
provider
Description copied from interface: TlsConfig
Use explicit provider to obtain an instance of SSLContext.
- Specified by:
provider in interface TlsConfig
- Returns:
- provider to use, defaults to none (only TlsConfig.protocol() is used by default)
-
enabledCipherSuites
Description copied from interface: TlsConfig
Enabled cipher suites for TLS communication.
- Specified by:
enabledCipherSuites in interface TlsConfig
- Returns:
- cipher suites to enable, by default (or if list is empty), all available cipher suites are enabled
-
enabledProtocols
Description copied from interface: TlsConfig
Enabled protocols for TLS communication. Example of valid values for TLS protocol: TLSv1.3, TLSv1.2
- Specified by:
enabledProtocols in interface TlsConfig
- Returns:
- protocols to enable, by default (or if list is empty), all available protocols are enabled
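
The endpointIdentificationAlgorithm, enabledCipherSuites and enabledProtocols values described above end up in the javax.net.ssl.SSLParameters returned by sslParameters(). The following added example (JDK API only, not Helidon code and not part of the original page) audits an SSLParameters object for settings that weaken a connection; the class name TlsParametersCheck and the ALLOWED_PROTOCOLS policy are assumptions of the example.

```java
import java.util.ArrayList;
import java.util.List;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;

public class TlsParametersCheck {
    // Assumed policy for this example: the two versions the page lists as valid values.
    static final List<String> ALLOWED_PROTOCOLS = List.of("TLSv1.3", "TLSv1.2");

    /** Returns one finding per setting that weakens the connection. */
    static List<String> audit(SSLParameters p) {
        List<String> findings = new ArrayList<>();
        String alg = p.getEndpointIdentificationAlgorithm();
        // JSSE treats null/empty as "no hostname verification"; the page uses NONE for the same.
        if (alg == null || alg.isEmpty() || alg.equalsIgnoreCase("NONE")) {
            findings.add("endpoint identification is off: peer hostname is not verified");
        }
        String[] protocols = p.getProtocols();
        for (String proto : protocols == null ? new String[0] : protocols) {
            if (!ALLOWED_PROTOCOLS.contains(proto)) {
                findings.add("protocol outside policy: " + proto);
            }
        }
        String[] suites = p.getCipherSuites();
        for (String suite : suites == null ? new String[0] : suites) {
            // Suites without encryption, without authentication, or export grade.
            if (suite.contains("_NULL_") || suite.contains("_anon_") || suite.contains("_EXPORT_")) {
                findings.add("weak cipher suite: " + suite);
            }
        }
        return findings;
    }

    public static void main(String[] args) throws Exception {
        SSLContext ctx = SSLContext.getInstance("TLS"); // same name as DEFAULT_PROTOCOL
        ctx.init(null, null, null);

        // Upper bound: everything this JDK supports, with nothing pinned.
        audit(ctx.getSupportedSSLParameters()).forEach(f -> System.out.println("unpinned: " + f));

        // Pinned: explicit protocol list and hostname verification switched on.
        SSLParameters pinned = ctx.getDefaultSSLParameters();
        pinned.setProtocols(ALLOWED_PROTOCOLS.toArray(new String[0]));
        pinned.setEndpointIdentificationAlgorithm("HTTPS");
        System.out.println("pinned findings: " + audit(pinned));
    }
}
```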
-
sessionCacheSize
public int sessionCacheSize()
Description copied from interface: TlsConfig
SSL session cache size.
- Specified by:
sessionCacheSize in interface TlsConfig
- Returns:
- session cache size, defaults to 20480.
-
sessionTimeout
Description copied from interface: TlsConfig
SSL session timeout.
- Specified by:
sessionTimeout in interface TlsConfig
- Returns:
- session timeout, defaults to "PT24H".
-
internalKeystoreType
Description copied from interface: TlsConfig
Type of the key stores used internally to create a key and trust manager factories.
- Specified by:
internalKeystoreType in interface TlsConfig
- Returns:
- keystore type, defaults to KeyStore.getDefaultType()
-
internalKeystoreProvider
Description copied from interface: TlsConfig
Provider of the key stores used internally to create a key and trust manager factories.
- Specified by:
internalKeystoreProvider in interface TlsConfig
- Returns:
- keystore provider, if not defined, provider is not specified
-
revocation
Description copied from interface: TlsConfig
Certificate revocation check configuration.
- Specified by:
revocation in interface TlsConfig
- Returns:
- certificate revocation configuration
-
toString
-
equals
-
hashCode
public int hashCode()
-