Package io.temporal.serviceclient
Class SimpleSslContextBuilder
- java.lang.Object
-
- io.temporal.serviceclient.SimpleSslContextBuilder
-
public class SimpleSslContextBuilder extends java.lang.Object
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static class
SimpleSslContextBuilder.UnknownDefaultTrustManagerException
Exception that is thrown in case if builder was unable to derive default system trust manager.
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description io.grpc.netty.shaded.io.netty.handler.ssl.SslContext
build()
ConfiguresSslContext
from the Builder parameters and for use with Temporal GRPC server.io.grpc.netty.shaded.io.netty.handler.ssl.SslContextBuilder
configure(io.grpc.netty.shaded.io.netty.handler.ssl.SslContextBuilder sslContextBuilder)
Configures specifiedSslContextBuilder
from the Builder parameters and for use with Temporal GRPC server.static SimpleSslContextBuilder
forPKCS12(java.io.InputStream pfxKeyArchive)
static SimpleSslContextBuilder
forPKCS8(java.io.InputStream keyCertChain, java.io.InputStream key)
static SimpleSslContextBuilder
newBuilder(java.io.InputStream keyCertChain, java.io.InputStream key)
Deprecated.useforPKCS8(InputStream, InputStream)
insteadstatic SimpleSslContextBuilder
noKeyOrCertChain()
Explicitly creates a builder without a client private key or certificate chain.SimpleSslContextBuilder
setKeyPassword(java.lang.String keyPassword)
SimpleSslContextBuilder
setTrustManager(javax.net.ssl.TrustManager trustManager)
SimpleSslContextBuilder
setUseInsecureTrustManager(boolean useInsecureTrustManager)
-
-
-
Method Detail
-
newBuilder
@Deprecated public static SimpleSslContextBuilder newBuilder(java.io.InputStream keyCertChain, java.io.InputStream key)
Deprecated.useforPKCS8(InputStream, InputStream)
instead- Parameters:
keyCertChain
- - an input stream for an X.509 client certificate chain in PEM format.key
- - an input stream for a PKCS#8 client private key in PEM format.
-
noKeyOrCertChain
public static SimpleSslContextBuilder noKeyOrCertChain()
Explicitly creates a builder without a client private key or certificate chain.forPKCS8(java.io.InputStream, java.io.InputStream)
andforPKCS12(java.io.InputStream)
support null inputs too for easier configuration API
-
forPKCS8
public static SimpleSslContextBuilder forPKCS8(@Nullable java.io.InputStream keyCertChain, @Nullable java.io.InputStream key)
- Parameters:
keyCertChain
- - an input stream for an X.509 client certificate chain in PEM format.key
- - an input stream for a PKCS#8 client private key in PEM format.
-
forPKCS12
public static SimpleSslContextBuilder forPKCS12(@Nullable java.io.InputStream pfxKeyArchive)
- Parameters:
pfxKeyArchive
- - an input stream for .pfx or .p12 PKCS12 archive file
-
configure
public io.grpc.netty.shaded.io.netty.handler.ssl.SslContextBuilder configure(io.grpc.netty.shaded.io.netty.handler.ssl.SslContextBuilder sslContextBuilder) throws javax.net.ssl.SSLException
Configures specifiedSslContextBuilder
from the Builder parameters and for use with Temporal GRPC server.SslContext
built by the configured builder can be used withServiceStubsOptions.Builder.setSslContext(SslContext)
If trust manager is set then it will be used to verify server authority, otherwise system default trust manager (or if
useInsecureTrustManager
is set then insecure trust manager) is going to be used.- Returns:
sslContextBuilder
- Throws:
javax.net.ssl.SSLException
- when it was unable to build the context
-
build
public io.grpc.netty.shaded.io.netty.handler.ssl.SslContext build() throws javax.net.ssl.SSLException
ConfiguresSslContext
from the Builder parameters and for use with Temporal GRPC server.If trust manager is set then it will be used to verify server authority, otherwise system default trust manager (or if
useInsecureTrustManager
is set then insecure trust manager) is going to be used.- Returns:
SslContext
that can be used with theServiceStubsOptions.Builder.setSslContext(SslContext)
- Throws:
javax.net.ssl.SSLException
- when it was unable to build the context
-
setTrustManager
public SimpleSslContextBuilder setTrustManager(javax.net.ssl.TrustManager trustManager)
- Parameters:
trustManager
- - custom trust manager that should be used with the SSLContext for verifying server CA authority.- Returns:
- builder instance.
-
setUseInsecureTrustManager
public SimpleSslContextBuilder setUseInsecureTrustManager(boolean useInsecureTrustManager)
- Parameters:
useInsecureTrustManager
- - if set to true then insecure trust manager is going to be used instead of the system default one. Note that this makes client vulnerable to man in the middle attack. Use with caution.- Returns:
- builder instance.
-
setKeyPassword
public SimpleSslContextBuilder setKeyPassword(java.lang.String keyPassword)
- Parameters:
keyPassword
- - the password of the key, or null if it's not password-protected.- Returns:
- builder instance.
-
-