Class AbstractConfig
- Direct Known Subclasses:
ServerConfig
-
Field Summary
FieldsModifier and TypeFieldDescriptionprotected final org.slf4j.Logger
A logger to be shared with subclasses.static final String
The prefix indicating a file path. -
Constructor Summary
ConstructorsModifierConstructorDescriptionprotected
Creates a new empty instance.protected
AbstractConfig
(AbstractConfig other) Creates a new instance from another instance.protected
AbstractConfig
(GenericOptions other) Creates a new instance from generic options. -
Method Summary
Modifier and TypeMethodDescriptionfinal String
Gets the absolute path to the PEM file containing the X.509 certificate chain for the RSA private key that should be used for authentication to peers.final io.vertx.core.net.KeyCertOptions
Gets the key & certificate options derived from the key store properties.final FileFormat
Get the specified format of the key files.final String
Gets the absolute path to the PEM file containing the RSA private key that will be used for authentication to peers.final String
Gets the password for the key store containing the private key and certificate chain that should be used for authentication to peers.final String
Gets the absolute path to the key store containing the private key and certificate chain that will be used for authentication to peers.protected final String
getPassword
(String purpose, String value) Gets the password represented by a property value.final String
Gets the character separating the segments of target addresses.Gets the secure protocols that are enabled for TLS connections.Gets the names of the cipher suites that may be used in TLS connections.final io.vertx.core.net.TrustOptions
Gets the trust options derived from the trust store properties.final FileFormat
Get the specified format of the trust store.final String
Gets the password for accessing the key store containing the certificates of trusted CAs.final String
Gets the path to the key store to load certificates of trusted CAs from.protected boolean
isValidPort
(int port) Checks if a given port number is valid.final void
setCertPath
(String certPath) Sets the absolute path to the PEM file containing the X.509 certificate chain for the RSA private key that should be used for authentication to peers.final void
setKeyFormat
(FileFormat keyFormat) Specify the format of the key material explicitly.final void
setKeyPath
(String keyPath) Sets the absolute path to the PEM file containing the RSA private key that should be used for authentication to peers.final void
setKeyStorePassword
(String keyStorePassword) Sets the password for the key store containing the private key and certificate chain that should be used for authentication to peers.final void
setKeyStorePath
(String keyStorePath) Sets the absolute path to the key store containing the private key and certificate chain that should be used for authentication to peers.final void
setPathSeparator
(String pathSeparator) Sets the character separating the segments of target addresses.final void
setSecureProtocols
(List<String> enabledProtocols) Sets the secure protocols that are enabled for TLS connections.final void
setSupportedCipherSuites
(List<String> cipherSuites) Sets the names of the cipher suites that may be used in TLS connections.final void
setTrustStoreFormat
(FileFormat trustStoreFormat) Specify the format of the trust store explicitly.final void
setTrustStorePassword
(String trustStorePassword) Sets the password for accessing the key store containing the certificates of trusted CAs.final void
setTrustStorePath
(String trustStorePath) Sets the path to the key store to load certificates of trusted CAs from.
-
Field Details
-
PREFIX_FILE
The prefix indicating a file path.- See Also:
-
LOG
protected final org.slf4j.Logger LOGA logger to be shared with subclasses.
-
-
Constructor Details
-
AbstractConfig
protected AbstractConfig()Creates a new empty instance. -
AbstractConfig
Creates a new instance from another instance.- Parameters:
other
- The other instance. All of the other instance's properties are copied to the newly created instance.
-
AbstractConfig
Creates a new instance from generic options.- Parameters:
other
- The options. All of the options are copied to the newly created instance.
-
-
Method Details
-
getPassword
Gets the password represented by a property value.This method determines the password as follows:
- Parameters:
purpose
- A (very) short description of the context in which the password is being used.value
- The property value to determine the password from.- Returns:
- The password.
- Throws:
NullPointerException
- if any of the parameters arenull
.
-
isValidPort
protected boolean isValidPort(int port) Checks if a given port number is valid.- Parameters:
port
- The port number.- Returns:
true
if port >= 0 and port <= 65535.
-
getPathSeparator
Gets the character separating the segments of target addresses.- Returns:
- The separator.
-
setPathSeparator
Sets the character separating the segments of target addresses.The default value of this property is
Constants.DEFAULT_PATH_SEPARATOR
.- Parameters:
pathSeparator
- The separator to use.- Throws:
NullPointerException
- if the given character isnull
.
-
getTrustStorePath
Gets the path to the key store to load certificates of trusted CAs from.- Returns:
- The absolute path to the key store or
null
if not set.
-
setTrustStorePath
Sets the path to the key store to load certificates of trusted CAs from.- Parameters:
trustStorePath
- The absolute path to the key store.
-
getTrustStorePassword
Gets the password for accessing the key store containing the certificates of trusted CAs.- Returns:
- The password or
null
if no password is set. - See Also:
-
setTrustStorePassword
Sets the password for accessing the key store containing the certificates of trusted CAs.The password can be set either explicitly or implicitly by specifying the path to a file from where the password will be read. In the latter case, the value to set is the (absolute) path to the file prefixed by "file:". To read the password from file /etc/hono/password, this property would need to be set to value
file:/etc/hono/password
.- Parameters:
trustStorePassword
- The password to set.- See Also:
-
getTrustOptions
public final io.vertx.core.net.TrustOptions getTrustOptions()Gets the trust options derived from the trust store properties.- Returns:
- The trust options or
null
if trust store path is not set or not supported. - Throws:
IllegalArgumentException
- In the case the configured trust store is not present in the file system.
-
getKeyStorePath
Gets the absolute path to the key store containing the private key and certificate chain that will be used for authentication to peers.- Returns:
- The path or
null
if no path has been set.
-
setKeyStorePath
Sets the absolute path to the key store containing the private key and certificate chain that should be used for authentication to peers.- Parameters:
keyStorePath
- The path.
-
getKeyStorePassword
Gets the password for the key store containing the private key and certificate chain that should be used for authentication to peers.- Returns:
- The password or
null
if no password has been set. - See Also:
-
setKeyStorePassword
Sets the password for the key store containing the private key and certificate chain that should be used for authentication to peers.The password can be set either explicitly or implicitly by specifying the path to a file from where the password will be read. In the latter case, the value to set is the (absolute) path to the file prefixed by "file:". To read the password from file /etc/hono/password, this property would need to be set to value
file:/etc/hono/password
.- Parameters:
keyStorePassword
- The password.
-
getKeyCertOptions
public final io.vertx.core.net.KeyCertOptions getKeyCertOptions()Gets the key & certificate options derived from the key store properties.- Returns:
- The options or
null
if key store path or key path and cert path are not set or not supported. - Throws:
IllegalArgumentException
- In the case any of the configured files is not present in the file system.
-
getCertPath
Gets the absolute path to the PEM file containing the X.509 certificate chain for the RSA private key that should be used for authentication to peers.- Returns:
- The path or
null
if no path has been set.
-
setCertPath
Sets the absolute path to the PEM file containing the X.509 certificate chain for the RSA private key that should be used for authentication to peers.In order to use a non-RSA type key (e.g. an ECC based key) a PKCS12 key store containing the key and certificate chain should be configured by means of the
setKeyStorePath(String)
andsetKeyStorePassword(String)
methods.- Parameters:
certPath
- The path.
-
getKeyPath
Gets the absolute path to the PEM file containing the RSA private key that will be used for authentication to peers.- Returns:
- The path or
null
if no path has been set.
-
setKeyPath
Sets the absolute path to the PEM file containing the RSA private key that should be used for authentication to peers.In order to use a non-RSA type key (e.g. an ECC based key) a PKCS12 key store containing the key should be configured by means of the
setKeyStorePath(String)
andsetKeyStorePassword(String)
methods.- Parameters:
keyPath
- The path.
-
setTrustStoreFormat
Specify the format of the trust store explicitly.- Parameters:
trustStoreFormat
- The format to use when reading the trust store, may benull
to trigger auto detection.
-
getTrustStoreFormat
Get the specified format of the trust store.- Returns:
- The format or
null
if auto-detection should be tried.
-
setKeyFormat
Specify the format of the key material explicitly.- Parameters:
keyFormat
- The format to use when reading the key material, may benull
to trigger auto detection.
-
getKeyFormat
Get the specified format of the key files.- Returns:
- The format or
null
if auto-detection should be tried.
-
getSecureProtocols
Gets the secure protocols that are enabled for TLS connections.By default, only TLSv1.2 and TLSv1.3 are enabled. Please refer to the vert.x documentation for a list of supported values.
- Returns:
- The enabled protocols in order of preference.
-
setSecureProtocols
Sets the secure protocols that are enabled for TLS connections.By default, only TLSv1.2 and TLSv1.3 are enabled. Please refer to the vert.x documentation for a list of supported values.
Note that setting this property to an empty list effectively disables TLS altogether.
- Parameters:
enabledProtocols
- The protocols in order of preference.- Throws:
NullPointerException
- if protocols isnull
.
-
getSupportedCipherSuites
Gets the names of the cipher suites that may be used in TLS connections.An empty list indicates that all cipher suites supported by the JVM can be used. This is also the default.
Please refer to JSSE Cipher Suite Names for a list of supported cipher suite names.
- Returns:
- The supported cipher suites in order of preference.
-
setSupportedCipherSuites
Sets the names of the cipher suites that may be used in TLS connections.An empty list indicates that all cipher suites supported by the JVM can be used. This is also the default.
Please refer to JSSE Cipher Suite Names for a list of supported cipher suite names.
- Parameters:
cipherSuites
- The supported cipher suites in order of preference.- Throws:
NullPointerException
- if cipher suites isnull
.
-