Package net.devh.boot.grpc.server.config
Class GrpcServerProperties.Security
java.lang.Object
net.devh.boot.grpc.server.config.GrpcServerProperties.Security
- Enclosing class:
- GrpcServerProperties
The security configuration for the gRPC server.
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionprotected boolean
boolean
The resource containing the SSL certificate chain.Specifies the cipher suite.Whether the client has to authenticate himself via certificates.The resource containing the key store.The format of thekeyStore
.Password for the key store.The resource containing the private key.Password for the private key.String[]
Specifies the protocols accepted for secure connections.The resource containing the trusted certificate collection.The resource containing the trust store.The format of thetrustStore
.Password for the trust store.int
hashCode()
boolean
Flag that controls whether transport security is used.void
setCertificateChain
(Resource certificateChain) The resource containing the SSL certificate chain.void
setCiphers
(String ciphers) void
setClientAuth
(ClientAuth clientAuth) Whether the client has to authenticate himself via certificates.void
setEnabled
(boolean enabled) Flag that controls whether transport security is used.void
setKeyStore
(Resource keyStore) The resource containing the key store.void
setKeyStoreFormat
(String keyStoreFormat) The format of thekeyStore
.void
setKeyStorePassword
(String keyStorePassword) Password for the key store.void
setPrivateKey
(Resource privateKey) The resource containing the private key.void
setPrivateKeyPassword
(String privateKeyPassword) Password for the private key.void
setProtocols
(String protocols) void
setTrustCertCollection
(Resource trustCertCollection) The resource containing the trusted certificate collection.void
setTrustStore
(Resource trustStore) The resource containing the trust store.void
setTrustStoreFormat
(String trustStoreFormat) The format of thetrustStore
.void
setTrustStorePassword
(String trustStorePassword) Password for the trust store.toString()
-
Constructor Details
-
Security
public Security()
-
-
Method Details
-
setCiphers
-
setProtocols
-
isEnabled
public boolean isEnabled()Flag that controls whether transport security is used. Defaults tofalse
. Iftrue
, either setcertificateChain
andprivateKey
, orkeyStore
.- Returns:
- True, if transport security should be enabled. False otherwise.
-
getCertificateChain
The resource containing the SSL certificate chain. Use is combination withprivateKey
. Cannot be used in conjunction withkeyStore
.- Returns:
- The certificate chain resource or null.
- See Also:
-
GrpcSslContexts.forServer(InputStream, InputStream, String)
-
getPrivateKey
The resource containing the private key. Use in combination withcertificateChain
. Cannot be used in conjunction withkeyStore
.- Returns:
- The private key resource or null.
- See Also:
-
GrpcSslContexts.forServer(InputStream, InputStream, String)
-
getPrivateKeyPassword
Password for the private key. Use is combination withprivateKey
.- Returns:
- The password for the private key or null.
- See Also:
-
GrpcSslContexts.forServer(File, File, String)
-
getKeyStoreFormat
The format of thekeyStore
.Possible values includes:
AUTODETECT
(default)JKS
(.jks
)PKCS12
(.p12
)- any supported
KeyStore
format - Fallback to
KeyStore#getDefaultType()
- Returns:
- The trust store format to use.
-
getKeyStore
The resource containing the key store. Cannot be used in conjunction withprivateKey
.- Returns:
- The key store resource or null.
-
getKeyStorePassword
Password for the key store. Use is combination withkeyStore
.- Returns:
- The password for the key store or null.
-
getClientAuth
Whether the client has to authenticate himself via certificates. Can be either ofNONE
,OPTIONAL
orREQUIRE
. Defaults toClientAuth.NONE
.- Returns:
- Whether the client has to authenticate himself via certificates.
- See Also:
-
SslContextBuilder#clientAuth(ClientAuth)
-
getTrustCertCollection
The resource containing the trusted certificate collection. Cannot be used in conjunction withtrustStore
. If neither this nortrustCertCollection
is set then the system's trust store will be used.- Returns:
- The trusted certificate collection resource or null.
- See Also:
-
SslContextBuilder.trustManager(InputStream)
-
getTrustStoreFormat
The format of thetrustStore
.Possible values includes:
AUTODETECT
(default)JKS
(.jks
)PKCS12
(.p12
)- any supported
KeyStore
format - Fallback to
KeyStore#getDefaultType()
- Returns:
- The trust store format to use.
-
getTrustStore
The resource containing the trust store. Cannot be used in conjunction withtrustCertCollection
. If neither this nortrustCertCollection
is set then the system's trust store will be used.- Returns:
- The trust store resource or null.
-
getTrustStorePassword
Password for the trust store. Use is combination withtrustStore
.- Returns:
- The password for the trust store or null.
-
getCiphers
Specifies the cipher suite. Ifnull
or empty it will use the system's default cipher suite.- Returns:
- The cipher suite accepted for secure connections or null.
-
getProtocols
Specifies the protocols accepted for secure connections. Ifnull
or empty it will use the system's default (all supported) protocols.- Returns:
- The protocols accepted for secure connections or null.
-
setEnabled
public void setEnabled(boolean enabled) Flag that controls whether transport security is used. Defaults tofalse
. Iftrue
, either setcertificateChain
andprivateKey
, orkeyStore
.- Parameters:
enabled
- Whether transport security should be enabled.
-
setCertificateChain
The resource containing the SSL certificate chain. Use is combination withprivateKey
. Cannot be used in conjunction withkeyStore
.- Parameters:
certificateChain
- The certificate chain resource.- See Also:
-
GrpcSslContexts.forServer(InputStream, InputStream, String)
-
setPrivateKey
The resource containing the private key. Use in combination withcertificateChain
. Cannot be used in conjunction withkeyStore
.- Parameters:
privateKey
- The private key resource.- See Also:
-
GrpcSslContexts.forServer(InputStream, InputStream, String)
-
setPrivateKeyPassword
Password for the private key. Use is combination withprivateKey
.- Parameters:
privateKeyPassword
- The password for the private key.- See Also:
-
GrpcSslContexts.forServer(File, File, String)
-
setKeyStoreFormat
The format of thekeyStore
.Possible values includes:
AUTODETECT
(default)JKS
(.jks
)PKCS12
(.p12
)- any supported
KeyStore
format - Fallback to
KeyStore#getDefaultType()
- Parameters:
keyStoreFormat
- The trust store format to use.
-
setKeyStore
The resource containing the key store. Cannot be used in conjunction withprivateKey
.- Parameters:
keyStore
- The key store resource.
-
setKeyStorePassword
Password for the key store. Use is combination withkeyStore
.- Parameters:
keyStorePassword
- The password for the key store.
-
setClientAuth
Whether the client has to authenticate himself via certificates. Can be either ofNONE
,OPTIONAL
orREQUIRE
. Defaults toClientAuth.NONE
.- Parameters:
clientAuth
- Whether the client has to authenticate himself via certificates.- See Also:
-
SslContextBuilder#clientAuth(ClientAuth)
-
setTrustCertCollection
The resource containing the trusted certificate collection. Cannot be used in conjunction withtrustStore
. If neither this nortrustCertCollection
is set then the system's trust store will be used.- Parameters:
trustCertCollection
- The trusted certificate collection resource.- See Also:
-
SslContextBuilder.trustManager(InputStream)
-
setTrustStoreFormat
The format of thetrustStore
.Possible values includes:
AUTODETECT
(default)JKS
(.jks
)PKCS12
(.p12
)- any supported
KeyStore
format - Fallback to
KeyStore#getDefaultType()
- Parameters:
trustStoreFormat
- The trust store format to use.
-
setTrustStore
The resource containing the trust store. Cannot be used in conjunction withtrustCertCollection
. If neither this nortrustCertCollection
is set then the system's trust store will be used.- Parameters:
trustStore
- The trust store resource.
-
setTrustStorePassword
Password for the trust store. Use is combination withtrustStore
.- Parameters:
trustStorePassword
- The password for the trust store.
-
equals
-
canEqual
-
hashCode
public int hashCode() -
toString
-