Package io.dropwizard.logging.common

Class TlsSocketAppenderFactory<E extends ch.qos.logback.core.spi.DeferredProcessingAware>

java.lang.Object
io.dropwizard.logging.common.AbstractAppenderFactory<E>
io.dropwizard.logging.common.AbstractOutputStreamAppenderFactory<E>
io.dropwizard.logging.common.TcpSocketAppenderFactory<E>
io.dropwizard.logging.common.TlsSocketAppenderFactory<E>
All Implemented Interfaces:
Discoverable, AppenderFactory<E>
public class TlsSocketAppenderFactory<E extends ch.qos.logback.core.spi.DeferredProcessingAware> extends TcpSocketAppenderFactory<E>
An AppenderFactory implementation which provides an appender that writes events to a TCP socket secured by the TLS/SSL protocol on the presentation layer.

Configuration Parameters:

Name Default Description
keyStorePath (none) The path to the Java key store which contains the host certificate and private key.
keyStorePassword (none) The password used to access the key store.
keyStoreType JKS The type of key store (usually JKS, PKCS12, JCEKS, Windows-MY, or Windows-ROOT).
keyStoreProvider (none) The JCE provider to use to access the key store.
trustStorePath (none) The path to the Java key store which contains the CA certificates used to establish trust.
trustStorePassword (none) The password used to access the trust store.
trustStoreType JKS The type of trust store (usually JKS, PKCS12, JCEKS, Windows-MY, or Windows-ROOT).
trustStoreProvider (none) The JCE provider to use to access the trust store.
jceProvider (none) The name of the JCE provider to use for cryptographic support.
validateCerts false Whether or not to validate TLS certificates before starting. If enabled, Dropwizard will refuse to start with expired or otherwise invalid certificates.
validatePeers false Whether or not to validate TLS peer certificates.
supportedProtocols JVM default A list of protocols (e.g., SSLv3, TLSv1) which are supported. All other protocols will be refused.
excludedProtocols [SSL, SSLv2, SSLv2Hello, SSLv3] A list of protocols (e.g., SSLv3, TLSv1) which are excluded. These protocols will be refused.
supportedCipherSuites JVM default A list of cipher suites (e.g., TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256) which are supported. All other cipher suites will be refused
excludedCipherSuites [.*_(MD5|SHA|SHA1)$] A list of cipher suites (e.g., TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256) which are excluded. These cipher suites will be refused.

For more configuration parameters, see TcpSocketAppenderFactory.

Since:
2.0
See Also:

  • Constructor Details

    • TlsSocketAppenderFactory

      public TlsSocketAppenderFactory()

  • Method Details

    • isValidatePeers

      public boolean isValidatePeers()

    • setValidatePeers

      public void setValidatePeers(boolean validatePeers)

    • isValidateCerts

      public boolean isValidateCerts()

    • setValidateCerts

      public void setValidateCerts(boolean validateCerts)

    • getExcludedCipherSuites

      public @Nullable List<String> getExcludedCipherSuites()

    • setExcludedCipherSuites

      public void setExcludedCipherSuites(List<String> excludedCipherSuites)

    • getSupportedCipherSuites

      public @Nullable List<String> getSupportedCipherSuites()

    • setSupportedCipherSuites

      public void setSupportedCipherSuites(List<String> supportedCipherSuites)

    • getExcludedProtocols

      public @Nullable List<String> getExcludedProtocols()

    • setExcludedProtocols

      public void setExcludedProtocols(List<String> excludedProtocols)

    • getSupportedProtocols

      public @Nullable List<String> getSupportedProtocols()

    • setSupportedProtocols

      public void setSupportedProtocols(List<String> supportedProtocols)

    • getTrustStoreProvider

      public @Nullable String getTrustStoreProvider()

    • setTrustStoreProvider

      public void setTrustStoreProvider(String trustStoreProvider)

    • getTrustStoreType

      public @Nullable String getTrustStoreType()

    • setTrustStoreType

      public void setTrustStoreType(String trustStoreType)

    • getTrustStorePassword

      public @Nullable String getTrustStorePassword()

    • setTrustStorePassword

      public void setTrustStorePassword(String trustStorePassword)

    • getTrustStorePath

      public @Nullable String getTrustStorePath()

    • setTrustStorePath

      public void setTrustStorePath(String trustStorePath)

    • getKeyStoreProvider

      public @Nullable String getKeyStoreProvider()

    • setKeyStoreProvider

      public void setKeyStoreProvider(String keyStoreProvider)

    • getKeyStoreType

      public @Nullable String getKeyStoreType()

    • setKeyStoreType

      public void setKeyStoreType(String keyStoreType)

    • getKeyStorePassword

      public @Nullable String getKeyStorePassword()

    • setKeyStorePassword

      public void setKeyStorePassword(String keyStorePassword)

    • getKeyStorePath

      public @Nullable String getKeyStorePath()

    • setKeyStorePath

      public void setKeyStorePath(String keyStorePath)

    • getJceProvider

      public @Nullable String getJceProvider()

    • setJceProvider

      public void setJceProvider(String jceProvider)

    • socketFactory

      protected SocketFactory socketFactory()
      Overrides:
      socketFactory in class TcpSocketAppenderFactory<E extends ch.qos.logback.core.spi.DeferredProcessingAware>