public class SslContextFactory extends Object implements javax.cache.configuration.Factory<SSLContext>
SSLContext
and always returns it
as a result of further invocations of the create()
} method.
In some cases it is useful to disable certificate validation of client side (e.g. when connecting
to a server with self-signed certificate). This can be achieved by setting a disabled trust manager
to this factory, which can be obtained by getDisabledTrustManager()
method:
SslContextFactory factory = new SslContextFactory(); factory.setTrustManagers(SslContextFactory.getDisabledTrustManager()); // Rest of initialization.
Modifier and Type | Field and Description |
---|---|
static String |
DFLT_KEY_ALGORITHM
Default key manager / trust manager algorithm.
|
static boolean |
DFLT_NEED_CLIENT_AUTH
Whether SSL needs client authentication by default.
|
static String |
DFLT_SSL_PROTOCOL
Default SSL protocol.
|
static String |
DFLT_STORE_TYPE
Default key / trust store type.
|
static String |
IGNITE_KEY_ALGORITHM_PROPERTY
Deprecated.
Use
"ssl.KeyManagerFactory.algorithm" instead as per JSSE standard.
Should be considered for deletion in 9.0. |
Constructor and Description |
---|
SslContextFactory() |
Modifier and Type | Method and Description |
---|---|
SSLContext |
create() |
String[] |
getCipherSuites()
Gets enabled cipher suites.
|
static TrustManager |
getDisabledTrustManager()
Returns an instance of trust manager that will always succeed regardless of certificate provided.
|
String |
getKeyAlgorithm()
Gets algorithm that will be used to create a key manager.
|
String |
getKeyStoreFilePath()
Gets path to the key store file.
|
char[] |
getKeyStorePassword()
Gets key store password.
|
String |
getKeyStoreType()
Gets key store type used for context creation.
|
boolean |
getNeedClientAuth()
Returns
true if SSL needs client authentication. |
String |
getProtocol()
Gets protocol for secure transport.
|
String[] |
getProtocols()
Gets enabled protocols.
|
TrustManager[] |
getTrustManagers()
Gets pre-configured trust managers.
|
String |
getTrustStoreFilePath()
Gets path to the trust store file.
|
char[] |
getTrustStorePassword()
Gets trust store password.
|
String |
getTrustStoreType()
Gets trust store type used for context creation.
|
protected InputStream |
openFileInputStream(String filePath)
By default, this method simply opens a raw file input stream.
|
void |
setCipherSuites(String... cipherSuites)
Sets enabled cipher suites.
|
void |
setKeyAlgorithm(String keyAlgorithm)
Sets key manager algorithm that will be used to create a key manager.
|
void |
setKeyStoreFilePath(String keyStoreFilePath)
Sets path to the key store file.
|
void |
setKeyStorePassword(char[] keyStorePwd)
Sets key store password.
|
void |
setKeyStoreType(String keyStoreType)
Sets key store type used in context initialization.
|
void |
setNeedClientAuth(boolean needClientAuth)
Sets whether SSL needs client authentication.
|
void |
setProtocol(String proto)
Sets protocol for secure transport.
|
void |
setProtocols(String... protocols)
Sets enabled protocols.
|
void |
setTrustManagers(TrustManager... trustMgrs)
Sets pre-configured trust managers.
|
void |
setTrustStoreFilePath(String trustStoreFilePath)
Sets path to the trust store file.
|
void |
setTrustStorePassword(char[] trustStorePwd)
Sets trust store password.
|
void |
setTrustStoreType(String trustStoreType)
Sets trust store type used in context initialization.
|
String |
toString() |
public static final String DFLT_STORE_TYPE
public static final String DFLT_SSL_PROTOCOL
@Deprecated public static final String IGNITE_KEY_ALGORITHM_PROPERTY
"ssl.KeyManagerFactory.algorithm"
instead as per JSSE standard.
Should be considered for deletion in 9.0.public static final String DFLT_KEY_ALGORITHM
public static final boolean DFLT_NEED_CLIENT_AUTH
public String getKeyStoreType()
public void setKeyStoreType(String keyStoreType)
DFLT_STORE_TYPE
will
be used.keyStoreType
- Key store type.public String getTrustStoreType()
public void setTrustStoreType(String trustStoreType)
DFLT_STORE_TYPE
will
be used.trustStoreType
- Trust store type.public String getProtocol()
public void setProtocol(String proto)
DFLT_SSL_PROTOCOL
will be used.proto
- SSL protocol name.public String getKeyAlgorithm()
DFLT_KEY_ALGORITHM
will be used.public void setKeyAlgorithm(String keyAlgorithm)
keyAlgorithm
- Key algorithm name.public String getKeyStoreFilePath()
public void setKeyStoreFilePath(String keyStoreFilePath)
keyStoreFilePath
- Path to key store file.public char[] getKeyStorePassword()
public void setKeyStorePassword(char[] keyStorePwd)
keyStorePwd
- Key store password.public String getTrustStoreFilePath()
public void setTrustStoreFilePath(String trustStoreFilePath)
setTrustStoreFilePath(String)
, setTrustManagers(TrustManager[])
properties must be set.trustStoreFilePath
- Path to the trust store file.public char[] getTrustStorePassword()
public void setTrustStorePassword(char[] trustStorePwd)
trustStorePwd
- Trust store password.public TrustManager[] getTrustManagers()
public void setTrustManagers(TrustManager... trustMgrs)
setTrustStoreFilePath(String)
, #setTrustManagers(TrustManager[])
trustMgrs
- Pre-configured trust managers.public static TrustManager getDisabledTrustManager()
public void setCipherSuites(String... cipherSuites)
cipherSuites
- enabled cipher suites.public String[] getCipherSuites()
public String[] getProtocols()
public void setProtocols(String... protocols)
protocols
- Enabled protocols.public boolean getNeedClientAuth()
true
if SSL needs client authentication.true
if SSL needs client authentication.public void setNeedClientAuth(boolean needClientAuth)
DFLT_NEED_CLIENT_AUTH
.
Note that for thin clients and management tools this value is overridden by
ClientConnectorConfiguration.setSslClientAuth(boolean)
and ConnectorConfiguration.setSslClientAuth(boolean)
respectively.needClientAuth
- True if SSL needs client authentication.protected InputStream openFileInputStream(String filePath) throws IOException
filePath
- Path to the file.IOException
- If stream could not be opened.public SSLContext create()
create
in interface javax.cache.configuration.Factory<SSLContext>
GridGain In-Memory Computing Platform : ver. 8.9.15 Release Date : December 3 2024