Module io.helidon.common.tls
Package io.helidon.common.tls

Class TlsConfig.BuilderBase.TlsConfigImpl

java.lang.Object
io.helidon.common.tls.TlsConfig.BuilderBase.TlsConfigImpl
All Implemented Interfaces:
Prototype.Api, Prototype.Factory<Tls>, TlsConfig, Supplier<Tls>
Enclosing class:
TlsConfig.BuilderBase<BUILDER extends TlsConfig.BuilderBase<BUILDER,PROTOTYPE>,PROTOTYPE extends TlsConfig>
protected static class TlsConfig.BuilderBase.TlsConfigImpl extends Object implements TlsConfig, Supplier<Tls>
Generated implementation of the prototype, can be extended by descendant prototype implementations.

  • Field Details

  • Constructor Details

    • TlsConfigImpl

      protected TlsConfigImpl(TlsConfig.BuilderBase<?,?> builder)
      Create an instance providing a builder.
      Parameters:
      builder - extending builder base of this prototype

  • Method Details

    • build

      public Tls build()
      Description copied from interface: Prototype.Factory
      Create a new instance of the runtime type from this config object.
      Specified by:
      build in interface Prototype.Factory<Tls>
      Returns:
      new configured runtime instance

    • get

      public Tls get()
      Specified by:
      get in interface Supplier<Tls>

    • sslContext

      public Optional<SSLContext> sslContext()
      Description copied from interface: TlsConfig
      Provide a fully configured SSLContext. If defined, context related configuration is ignored.
      Specified by:
      sslContext in interface TlsConfig
      Returns:
      SSL context to use

    • privateKey

      public Optional<PrivateKey> privateKey()
      Description copied from interface: TlsConfig
      Private key to use. For server side TLS, this is required. For client side TLS, this is optional (used when mutual TLS is enabled).
      Specified by:
      privateKey in interface TlsConfig
      Returns:
      private key to use

    • privateKeyCertChain

      public List<X509Certificate> privateKeyCertChain()
      Description copied from interface: TlsConfig
      Certificate chain of the private key.
      Specified by:
      privateKeyCertChain in interface TlsConfig
      Returns:
      private key certificate chain, only used when private key is configured

    • trust

      public List<X509Certificate> trust()
      Description copied from interface: TlsConfig
      List of certificates that form the trust manager.
      Specified by:
      trust in interface TlsConfig
      Returns:
      certificates to be trusted

    • manager

      public TlsManager manager()
      Description copied from interface: TlsConfig
      The Tls manager. If one is not explicitly defined in the config then a default manager will be created.
      Specified by:
      manager in interface TlsConfig
      Returns:
      the tls manager of the tls instance
      See Also:

    • secureRandom

      public Optional<SecureRandom> secureRandom()
      Description copied from interface: TlsConfig
      Explicit secure random to use.
      Specified by:
      secureRandom in interface TlsConfig
      Returns:
      secure random to use

    • sslParameters

      public Optional<SSLParameters> sslParameters()
      Description copied from interface: TlsConfig
      Configure SSL parameters. This will always have a value, as we compute ssl parameters in a builder interceptor from configured options.
      Specified by:
      sslParameters in interface TlsConfig
      Returns:
      SSL parameters to use

    • secureRandomProvider

      public Optional<String> secureRandomProvider()
      Description copied from interface: TlsConfig
      Provider to use when creating a new secure random. When defined, TlsConfig.secureRandomAlgorithm() must be defined as well.
      Specified by:
      secureRandomProvider in interface TlsConfig
      Returns:
      provider to use, by default no provider is specified

    • secureRandomAlgorithm

      public Optional<String> secureRandomAlgorithm()
      Description copied from interface: TlsConfig
      Algorithm to use when creating a new secure random.
      Specified by:
      secureRandomAlgorithm in interface TlsConfig
      Returns:
      algorithm to use, by default uses SecureRandom constructor

    • keyManagerFactoryAlgorithm

      public Optional<String> keyManagerFactoryAlgorithm()
      Description copied from interface: TlsConfig
      Algorithm of the key manager factory used when private key is defined. Defaults to KeyManagerFactory.getDefaultAlgorithm().
      Specified by:
      keyManagerFactoryAlgorithm in interface TlsConfig
      Returns:
      algorithm to use

    • keyManagerFactoryProvider

      public Optional<String> keyManagerFactoryProvider()
      Description copied from interface: TlsConfig
      Key manager factory provider.
      Specified by:
      keyManagerFactoryProvider in interface TlsConfig
      Returns:
      provider to use

    • trustManagerFactoryAlgorithm

      public Optional<String> trustManagerFactoryAlgorithm()
      Description copied from interface: TlsConfig
      Trust manager factory algorithm.
      Specified by:
      trustManagerFactoryAlgorithm in interface TlsConfig
      Returns:
      algorithm to use

    • trustManagerFactoryProvider

      public Optional<String> trustManagerFactoryProvider()
      Description copied from interface: TlsConfig
      Trust manager factory provider to use.
      Specified by:
      trustManagerFactoryProvider in interface TlsConfig
      Returns:
      provider to use

    • applicationProtocols

      public List<String> applicationProtocols()
      Description copied from interface: TlsConfig
      Configure list of supported application protocols (such as h2) for application layer protocol negotiation (ALPN).
      Specified by:
      applicationProtocols in interface TlsConfig
      Returns:
      application protocols

    • endpointIdentificationAlgorithm

      public String endpointIdentificationAlgorithm()
      Description copied from interface: TlsConfig
      Identification algorithm for SSL endpoints.
      Specified by:
      endpointIdentificationAlgorithm in interface TlsConfig
      Returns:
      configure endpoint identification algorithm, or set to NONE to disable endpoint identification (equivalent to hostname verification). Defaults to "HTTPS"

    • enabled

      public boolean enabled()
      Description copied from interface: TlsConfig
      Flag indicating whether Tls is enabled.
      Specified by:
      enabled in interface TlsConfig
      Returns:
      enabled flag

    • trustAll

      public boolean trustAll()
      Description copied from interface: TlsConfig
      Trust any certificate provided by the other side of communication.

      This is a dangerous setting: if set to true, any certificate will be accepted, throwing away most of the security advantages of TLS. NEVER do this in production.

      Specified by:
      trustAll in interface TlsConfig
      Returns:
      whether to trust all certificates, do not use in production

    • clientAuth

      public TlsClientAuth clientAuth()
      Description copied from interface: TlsConfig
      Configure requirement for mutual TLS.
      Specified by:
      clientAuth in interface TlsConfig
      Returns:
      what type of mutual TLS to use, defaults to TlsClientAuth.NONE

    • protocol

      public String protocol()
      Description copied from interface: TlsConfig
      Configure the protocol used to obtain an instance of SSLContext.
      Specified by:
      protocol in interface TlsConfig
      Returns:
      protocol to use, defaults to "TLS"

    • provider

      public Optional<String> provider()
      Description copied from interface: TlsConfig
      Use explicit provider to obtain an instance of SSLContext.
      Specified by:
      provider in interface TlsConfig
      Returns:
      provider to use, defaults to none (only TlsConfig.protocol() is used by default)

    • enabledCipherSuites

      public List<String> enabledCipherSuites()
      Description copied from interface: TlsConfig
      Enabled cipher suites for TLS communication.
      Specified by:
      enabledCipherSuites in interface TlsConfig
      Returns:
      cipher suites to enable, by default (or if list is empty), all available cipher suites are enabled

    • enabledProtocols

      public List<String> enabledProtocols()
      Description copied from interface: TlsConfig
      Enabled protocols for TLS communication. Example of valid values for TLS protocol: TLSv1.3, TLSv1.2
      Specified by:
      enabledProtocols in interface TlsConfig
      Returns:
      protocols to enable, by default (or if list is empty), all available protocols are enabled

    • sessionCacheSize

      public int sessionCacheSize()
      Description copied from interface: TlsConfig
      SSL session cache size.
      Specified by:
      sessionCacheSize in interface TlsConfig
      Returns:
      session cache size, defaults to 20480.

    • sessionTimeout

      public Duration sessionTimeout()
      Description copied from interface: TlsConfig
      SSL session timeout.
      Specified by:
      sessionTimeout in interface TlsConfig
      Returns:
      session timeout, defaults to "PT24H".

    • internalKeystoreType

      public Optional<String> internalKeystoreType()
      Description copied from interface: TlsConfig
      Type of the key stores used internally to create a key and trust manager factories.
      Specified by:
      internalKeystoreType in interface TlsConfig
      Returns:
      keystore type, defaults to KeyStore.getDefaultType()

    • internalKeystoreProvider

      public Optional<String> internalKeystoreProvider()
      Description copied from interface: TlsConfig
      Provider of the key stores used internally to create a key and trust manager factories.
      Specified by:
      internalKeystoreProvider in interface TlsConfig
      Returns:
      keystore provider, if not defined, provider is not specified

    • revocation

      public Optional<RevocationConfig> revocation()
      Description copied from interface: TlsConfig
      Certificate revocation check configuration.
      Specified by:
      revocation in interface TlsConfig
      Returns:
      certificate revocation configuration

    • toString

      public String toString()
      Overrides:
      toString in class Object

    • equals

      public boolean equals(Object o)
      Overrides:
      equals in class Object

    • hashCode

      public int hashCode()
      Overrides:
      hashCode in class Object