public class TlsSocketAppenderFactory<E extends ch.qos.logback.core.spi.DeferredProcessingAware> extends TcpSocketAppenderFactory<E>
AppenderFactory
implementation which provides an appender that writes events to a TCP socket
secured by the TLS/SSL protocol on the presentation layer.
Configuration Parameters:
Name | Default | Description |
keyStorePath |
(none) | The path to the Java key store which contains the host certificate and private key. |
keyStorePassword |
(none) | The password used to access the key store. |
keyStoreType |
JKS |
The type of key store (usually JKS , PKCS12 , JCEKS ,
Windows-MY , or Windows-ROOT ).
|
keyStoreProvider |
(none) | The JCE provider to use to access the key store. |
trustStorePath |
(none) | The path to the Java key store which contains the CA certificates used to establish trust. |
trustStorePassword |
(none) | The password used to access the trust store. |
trustStoreType |
JKS |
The type of trust store (usually JKS , PKCS12 , JCEKS ,
Windows-MY , or Windows-ROOT ).
|
trustStoreProvider |
(none) | The JCE provider to use to access the trust store. |
jceProvider |
(none) | The name of the JCE provider to use for cryptographic support. |
validateCerts |
false | Whether or not to validate TLS certificates before starting. If enabled, Dropwizard will refuse to start with expired or otherwise invalid certificates. |
validatePeers |
false | Whether or not to validate TLS peer certificates. |
supportedProtocols |
JVM default |
A list of protocols (e.g., SSLv3 , TLSv1 ) which are supported. All
other protocols will be refused.
|
excludedProtocols |
[SSL, SSLv2, SSLv2Hello, SSLv3] |
A list of protocols (e.g., SSLv3 , TLSv1 ) which are excluded. These
protocols will be refused.
|
supportedCipherSuites |
JVM default |
A list of cipher suites (e.g., TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 ) which
are supported. All other cipher suites will be refused
|
excludedCipherSuites |
[.*_(MD5|SHA|SHA1)$] |
A list of cipher suites (e.g., TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 ) which
are excluded. These cipher suites will be refused.
|
TcpSocketAppenderFactory
.TcpSocketAppenderFactory
layout, logFormat, threshold, timeZone
Constructor and Description |
---|
TlsSocketAppenderFactory() |
appender, getConnectionTimeout, getHost, getPort, getSendBufferSize, isImmediateFlush, setConnectionTimeout, setHost, setImmediateFlush, setPort, setSendBufferSize
build
buildLayout, getDiscardingThreshold, getFilterFactories, getLayout, getLogFormat, getMessageRate, getQueueSize, getThreshold, getTimeZone, isIncludeCallerData, setDiscardingThreshold, setFilterFactories, setIncludeCallerData, setLayout, setLogFormat, setMessageRate, setNeverBlock, setQueueSize, setThreshold, setTimeZone, setTimeZone, wrapAsync, wrapAsync
public boolean isValidatePeers()
public void setValidatePeers(boolean validatePeers)
public boolean isValidateCerts()
public void setValidateCerts(boolean validateCerts)
public void setTrustStoreProvider(String trustStoreProvider)
public void setTrustStoreType(String trustStoreType)
public void setTrustStorePassword(String trustStorePassword)
public void setTrustStorePath(String trustStorePath)
public void setKeyStoreProvider(String keyStoreProvider)
public void setKeyStoreType(String keyStoreType)
public void setKeyStorePassword(String keyStorePassword)
public void setKeyStorePath(String keyStorePath)
public void setJceProvider(String jceProvider)
protected SocketFactory socketFactory()
socketFactory
in class TcpSocketAppenderFactory<E extends ch.qos.logback.core.spi.DeferredProcessingAware>
Copyright © 2019. All rights reserved.