public class SslContextFactory extends AbstractSslContextFactory
SSLContext and always returns it
as a result of further invocations of the AbstractSslContextFactory.create()} method.
In some cases it is useful to disable certificate validation of client side (e.g. when connecting
to a server with self-signed certificate). This can be achieved by setting a disabled trust manager
to this factory, which can be obtained by getDisabledTrustManager() method:
SslContextFactory factory = new SslContextFactory();
factory.setTrustManagers(SslContextFactory.getDisabledTrustManager());
// Rest of initialization.
| Modifier and Type | Field and Description |
|---|---|
static String |
DFLT_KEY_ALGORITHM
Default key manager / trust manager algorithm.
|
static String |
DFLT_SSL_PROTOCOL
Default SSL protocol.
|
static String |
DFLT_STORE_TYPE
Default key / trust store type.
|
protected String |
keyAlgorithm
Key manager algorithm.
|
protected String |
keyStoreFilePath
Path to key store file
|
protected char[] |
keyStorePwd
Key store password
|
protected String |
keyStoreType
Key store type.
|
protected TrustManager[] |
trustMgrs
Trust managers.
|
protected String |
trustStoreFilePath
Path to trust store.
|
protected char[] |
trustStorePwd
Trust store password
|
protected String |
trustStoreType
Trust store type.
|
cipherSuites, proto, protocols, sslCtx| Constructor and Description |
|---|
SslContextFactory() |
| Modifier and Type | Method and Description |
|---|---|
protected void |
checkParameters()
Checks that all required parameters are set.
|
protected KeyManager[] |
createKeyManagers() |
protected TrustManager[] |
createTrustManagers() |
static TrustManager |
getDisabledTrustManager()
Returns an instance of trust manager that will always succeed regardless of certificate provided.
|
String |
getKeyAlgorithm()
Gets algorithm that will be used to create a key manager.
|
String |
getKeyStoreFilePath()
Gets path to the key store file.
|
char[] |
getKeyStorePassword()
Gets key store password.
|
String |
getKeyStoreType()
Gets key store type used for context creation.
|
TrustManager[] |
getTrustManagers()
Gets pre-configured trust managers.
|
String |
getTrustStoreFilePath()
Gets path to the trust store file.
|
char[] |
getTrustStorePassword()
Gets trust store password.
|
String |
getTrustStoreType()
Gets trust store type used for context creation.
|
protected KeyStore |
loadKeyStore(String keyStoreType,
String storeFilePath,
char[] keyStorePwd)
Loads key store with configured parameters.
|
protected InputStream |
openFileInputStream(String filePath)
By default, this method simply opens a raw file input stream.
|
void |
setKeyAlgorithm(String keyAlgorithm)
Sets key manager algorithm that will be used to create a key manager.
|
void |
setKeyStoreFilePath(String keyStoreFilePath)
Sets path to the key store file.
|
void |
setKeyStorePassword(char[] keyStorePwd)
Sets key store password.
|
void |
setKeyStoreType(String keyStoreType)
Sets key store type used in context initialization.
|
void |
setTrustManagers(TrustManager... trustMgrs)
Sets pre-configured trust managers.
|
void |
setTrustStoreFilePath(String trustStoreFilePath)
Sets path to the trust store file.
|
void |
setTrustStorePassword(char[] trustStorePwd)
Sets trust store password.
|
void |
setTrustStoreType(String trustStoreType)
Sets trust store type used in context initialization.
|
String |
toString() |
checkNullParameter, create, getCipherSuites, getProtocol, getProtocols, setCipherSuites, setProtocol, setProtocolspublic static final String DFLT_STORE_TYPE
public static final String DFLT_SSL_PROTOCOL
public static final String DFLT_KEY_ALGORITHM
protected String keyAlgorithm
protected String keyStoreType
protected String keyStoreFilePath
protected char[] keyStorePwd
protected String trustStoreType
protected String trustStoreFilePath
protected char[] trustStorePwd
protected TrustManager[] trustMgrs
public String getKeyStoreType()
public void setKeyStoreType(String keyStoreType)
DFLT_STORE_TYPE will
be used.keyStoreType - Key store type.public String getTrustStoreType()
public void setTrustStoreType(String trustStoreType)
DFLT_STORE_TYPE will
be used.trustStoreType - Trust store type.public String getKeyAlgorithm()
DFLT_KEY_ALGORITHM
will be used.public void setKeyAlgorithm(String keyAlgorithm)
keyAlgorithm - Key algorithm name.public String getKeyStoreFilePath()
public void setKeyStoreFilePath(String keyStoreFilePath)
keyStoreFilePath - Path to key store file.public char[] getKeyStorePassword()
public void setKeyStorePassword(char[] keyStorePwd)
keyStorePwd - Key store password.public String getTrustStoreFilePath()
public void setTrustStoreFilePath(String trustStoreFilePath)
setTrustStoreFilePath(String), setTrustManagers(TrustManager[])
properties must be set.trustStoreFilePath - Path to the trust store file.public char[] getTrustStorePassword()
public void setTrustStorePassword(char[] trustStorePwd)
trustStorePwd - Trust store password.public TrustManager[] getTrustManagers()
public void setTrustManagers(TrustManager... trustMgrs)
setTrustStoreFilePath(String), #setTrustManagers(TrustManager[])trustMgrs - Pre-configured trust managers.public static TrustManager getDisabledTrustManager()
protected final KeyManager[] createKeyManagers() throws SSLException
createKeyManagers in class AbstractSslContextFactorySSLException - If Key Managers could not be created.protected final TrustManager[] createTrustManagers() throws SSLException
createTrustManagers in class AbstractSslContextFactorySSLException - If Trust Managers could not be created.protected void checkParameters()
throws SSLException
checkParameters in class AbstractSslContextFactorySSLException - If any of required parameters is missing.protected InputStream openFileInputStream(String filePath) throws IOException
filePath - Path to the file.IOException - If stream could not be opened.protected KeyStore loadKeyStore(String keyStoreType, String storeFilePath, char[] keyStorePwd) throws SSLException
keyStoreType - Type of key store.storeFilePath - Path to key store file.keyStorePwd - Store password.SSLException - If key store could not be initialized.
Follow @ApacheIgnite
Ignite Database and Caching Platform : ver. 2.16.0 Release Date : December 15 2023