Package io.temporal.serviceclient

Class SimpleSslContextBuilder

  • public class SimpleSslContextBuilder
extends java.lang.Object

    • Method Detail

      • newBuilder

        @Deprecated
public static SimpleSslContextBuilder newBuilder​(java.io.InputStream keyCertChain,
                                                 java.io.InputStream key)
        Deprecated.
        use forPKCS8(InputStream, InputStream) instead
        Parameters:
        keyCertChain - - an input stream for an X.509 client certificate chain in PEM format.
        key - - an input stream for a PKCS#8 client private key in PEM format.

      • forPKCS8

        public static SimpleSslContextBuilder forPKCS8​(@Nullable
                                               java.io.InputStream keyCertChain,
                                               @Nullable
                                               java.io.InputStream key)
        Parameters:
        keyCertChain - - an input stream for an X.509 client certificate chain in PEM format.
        key - - an input stream for a PKCS#8 client private key in PEM format.

      • forPKCS12

        public static SimpleSslContextBuilder forPKCS12​(@Nullable
                                                java.io.InputStream pfxKeyArchive)
        Parameters:
        pfxKeyArchive - - an input stream for .pfx or .p12 PKCS12 archive file

      • configure

        public io.grpc.netty.shaded.io.netty.handler.ssl.SslContextBuilder configure​(io.grpc.netty.shaded.io.netty.handler.ssl.SslContextBuilder sslContextBuilder)
                                                                      throws javax.net.ssl.SSLException
        Configures specified SslContextBuilder from the Builder parameters and for use with Temporal GRPC server. SslContext built by the configured builder can be used with ServiceStubsOptions.Builder.setSslContext(SslContext)

        If trust manager is set then it will be used to verify server authority, otherwise system default trust manager (or if useInsecureTrustManager is set then insecure trust manager) is going to be used.

        Returns:
        sslContextBuilder
        Throws:
        javax.net.ssl.SSLException - when it was unable to build the context

      • build

        public io.grpc.netty.shaded.io.netty.handler.ssl.SslContext build()
                                                           throws javax.net.ssl.SSLException
        Configures SslContext from the Builder parameters and for use with Temporal GRPC server.

        If trust manager is set then it will be used to verify server authority, otherwise system default trust manager (or if useInsecureTrustManager is set then insecure trust manager) is going to be used.

        Returns:
        SslContext that can be used with the ServiceStubsOptions.Builder.setSslContext(SslContext)
        Throws:
        javax.net.ssl.SSLException - when it was unable to build the context

      • setTrustManager

        public SimpleSslContextBuilder setTrustManager​(javax.net.ssl.TrustManager trustManager)
        Parameters:
        trustManager - - custom trust manager that should be used with the SSLContext for verifying server CA authority.
        Returns:
        builder instance.

      • setUseInsecureTrustManager

        public SimpleSslContextBuilder setUseInsecureTrustManager​(boolean useInsecureTrustManager)
        Parameters:
        useInsecureTrustManager - - if set to true then insecure trust manager is going to be used instead of the system default one. Note that this makes client vulnerable to man in the middle attack. Use with caution.
        Returns:
        builder instance.

      • setKeyPassword

        public SimpleSslContextBuilder setKeyPassword​(java.lang.String keyPassword)
        Parameters:
        keyPassword - - the password of the key, or null if it's not password-protected.
        Returns:
        builder instance.