public static class SslOptions.Builder extends Object
SslOptions
.Modifier and Type | Method and Description |
---|---|
SslOptions |
build()
Create a new instance of
SslOptions |
SslOptions.Builder |
cipherSuites(String... cipherSuites)
Sets the cipher suites to use.
|
SslOptions.Builder |
handshakeTimeout(Duration timeout)
Sets a timeout for the SSL handshake.
|
SslOptions.Builder |
jdkSslProvider()
Use the JDK SSL provider for SSL connections.
|
SslOptions.Builder |
keyManager(File keyCertChainFile,
File keyFile,
char[] keyPassword)
Sets the key file and its certificate to use for client authentication.
|
SslOptions.Builder |
keyManager(KeyManagerFactory keyManagerFactory)
Sets the
KeyManagerFactory . |
SslOptions.Builder |
keyManager(SslOptions.Resource keyCertChain,
SslOptions.Resource key,
char[] keyPassword)
Sets the key and its certificate to use for client authentication.
|
SslOptions.Builder |
keystore(File keystore)
Sets the Keystore file to load client certificates.
|
SslOptions.Builder |
keystore(File keystore,
char[] keystorePassword)
Sets the Keystore file to load client certificates.
|
SslOptions.Builder |
keystore(SslOptions.Resource resource,
char[] keystorePassword)
Sets the Java Keystore resource to load client certificates.
|
SslOptions.Builder |
keystore(URL keystore)
Sets the Keystore resource to load client certificates.
|
SslOptions.Builder |
keystore(URL keystore,
char[] keystorePassword)
Sets the Keystore resource to load client certificates.
|
SslOptions.Builder |
keyStoreType(String keyStoreType)
Sets the KeyStore type.
|
SslOptions.Builder |
openSslProvider()
Use the OpenSSL provider for SSL connections.
|
SslOptions.Builder |
protocols(String... protocols)
Sets the protocol used for the connection established to Redis Server, such as
TLSv1.2, TLSv1.1, TLSv1 . |
SslOptions.Builder |
sslContext(Consumer<SslContextBuilder> contextBuilderCustomizer)
Applies a
SslContextBuilder customizer by calling Consumer.accept(Object) |
SslOptions.Builder |
sslParameters(Supplier<SSLParameters> sslParametersSupplier)
Configures a
Supplier to create SSLParameters . |
SslOptions.Builder |
trustManager(File certCollection)
Sets the certificate file to load trusted certificates.
|
SslOptions.Builder |
trustManager(SslOptions.Resource certCollection)
Sets the certificate resource to load trusted certificates.
|
SslOptions.Builder |
trustManager(TrustManagerFactory trustManagerFactory)
Sets the
TrustManagerFactory . |
SslOptions.Builder |
truststore(File truststore)
Sets the Truststore file to load trusted certificates.
|
SslOptions.Builder |
truststore(File truststore,
String truststorePassword)
Sets the Truststore file to load trusted certificates.
|
SslOptions.Builder |
truststore(SslOptions.Resource resource,
char[] truststorePassword)
Sets the Truststore resource to load trusted certificates.
|
SslOptions.Builder |
truststore(URL truststore)
Sets the Truststore resource to load trusted certificates.
|
SslOptions.Builder |
truststore(URL truststore,
String truststorePassword)
Sets the Truststore resource to load trusted certificates.
|
public SslOptions.Builder cipherSuites(String... cipherSuites)
cipherSuites
- cipher suites to use.this
public SslOptions.Builder jdkSslProvider()
this
public SslOptions.Builder openSslProvider()
netty-tcnative
dependency with the OpenSSL JNI
binary.this
IllegalStateException
- if OpenSSL is not availablepublic SslOptions.Builder handshakeTimeout(Duration timeout)
timeout
- Duration
.this
public SslOptions.Builder keyStoreType(String keyStoreType)
KeyStore.getDefaultType()
if not set.keyStoreType
- the keystore type to use, must not be null
.this
public SslOptions.Builder keystore(File keystore)
KeyStore
which is KeyStore.getDefaultType()
by default. The keystore is reloaded on
each connection attempt that allows to replace certificates during runtime.keystore
- the keystore file, must not be null
.this
public SslOptions.Builder keystore(File keystore, char[] keystorePassword)
KeyStore
which is KeyStore.getDefaultType()
by default. The keystore is reloaded on
each connection attempt that allows to replace certificates during runtime.keystore
- the keystore file, must not be null
.keystorePassword
- the keystore password. May be empty to omit password and the keystore integrity check.this
public SslOptions.Builder keystore(URL keystore)
KeyStore
which is KeyStore.getDefaultType()
by default. The keystore is reloaded on
each connection attempt that allows to replace certificates during runtime.keystore
- the keystore URL, must not be null
.this
public SslOptions.Builder keystore(URL keystore, char[] keystorePassword)
KeyStore
which is KeyStore.getDefaultType()
by default. The keystore is reloaded on
each connection attempt that allows to replace certificates during runtime.keystore
- the keystore file, must not be null
.this
public SslOptions.Builder keyManager(File keyCertChainFile, File keyFile, char[] keyPassword)
keyCertChainFile
- an X.509 certificate chain file in PEM format.keyFile
- a PKCS#8 private key file in PEM format.keyPassword
- the password of the keyFile
, or null
if it's not password-protected.this
public SslOptions.Builder keyManager(SslOptions.Resource keyCertChain, SslOptions.Resource key, char[] keyPassword)
keyCertChain
- an SslOptions.Resource
for a X.509 certificate chain in PEM format.key
- an SslOptions.Resource
for a PKCS#8 private key in PEM format.keyPassword
- the password of the keyFile
, or null
if it's not password-protected.this
SslOptions.Resource
public SslOptions.Builder keyManager(KeyManagerFactory keyManagerFactory)
KeyManagerFactory
.keyManagerFactory
- the KeyManagerFactory
to use.this
public SslOptions.Builder keystore(SslOptions.Resource resource, char[] keystorePassword)
KeyStore
which is KeyStore.getDefaultType()
by default. The keystore is reloaded on
each connection attempt that allows to replace certificates during runtime.resource
- the provider that opens a InputStream
to the keystore file, must not be null
.keystorePassword
- the keystore password. May be empty to omit password and the keystore integrity check.this
public SslOptions.Builder protocols(String... protocols)
TLSv1.2, TLSv1.1, TLSv1
.protocols
- list of desired protocols to use.this
public SslOptions.Builder truststore(File truststore)
KeyStore
which is KeyStore.getDefaultType()
by default. The truststore is reloaded on
each connection attempt that allows to replace certificates during runtime.truststore
- the truststore file, must not be null
.this
public SslOptions.Builder truststore(File truststore, String truststorePassword)
KeyStore
which is KeyStore.getDefaultType()
by default. The truststore is reloaded on
each connection attempt that allows to replace certificates during runtime.truststore
- the truststore file, must not be null
.truststorePassword
- the truststore password. May be empty to omit password and the truststore integrity check.this
public SslOptions.Builder truststore(URL truststore)
KeyStore
which is KeyStore.getDefaultType()
by default. The truststore is reloaded on
each connection attempt that allows to replace certificates during runtime.truststore
- the truststore file, must not be null
.this
public SslOptions.Builder truststore(URL truststore, String truststorePassword)
KeyStore
which is KeyStore.getDefaultType()
by default. The truststore is reloaded on
each connection attempt that allows to replace certificates during runtime.truststore
- the truststore file, must not be null
.truststorePassword
- the truststore password. May be empty to omit password and the truststore integrity check.this
public SslOptions.Builder trustManager(File certCollection)
certCollection
- the X.509 certificate collection in PEM format.this
public SslOptions.Builder trustManager(SslOptions.Resource certCollection)
certCollection
- the X.509 certificate collection in PEM format.this
public SslOptions.Builder trustManager(TrustManagerFactory trustManagerFactory)
TrustManagerFactory
.trustManagerFactory
- the TrustManagerFactory
to use.this
public SslOptions.Builder truststore(SslOptions.Resource resource, char[] truststorePassword)
KeyStore
which is KeyStore.getDefaultType()
by default. The truststore is reloaded on
each connection attempt that allows to replace certificates during runtime.resource
- the provider that opens a InputStream
to the keystore file, must not be null
.truststorePassword
- the truststore password. May be empty to omit password and the truststore integrity check.this
public SslOptions.Builder sslContext(Consumer<SslContextBuilder> contextBuilderCustomizer)
SslContextBuilder
customizer by calling Consumer.accept(Object)
contextBuilderCustomizer
- builder callback to customize the SslContextBuilder
.this
public SslOptions.Builder sslParameters(Supplier<SSLParameters> sslParametersSupplier)
Supplier
to create SSLParameters
.sslParametersSupplier
- Supplier
for SSLParameters
.this
public SslOptions build()
SslOptions
SslOptions
Copyright © 2021 lettuce.io. All rights reserved.