Package org.apache.cassandra.security
Class DisableSslContextFactory
- java.lang.Object
-
- org.apache.cassandra.security.AbstractSslContextFactory
-
- org.apache.cassandra.security.DisableSslContextFactory
-
- All Implemented Interfaces:
ISslContextFactory
public class DisableSslContextFactory extends AbstractSslContextFactory
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from interface org.apache.cassandra.security.ISslContextFactory
ISslContextFactory.SocketType
-
-
Field Summary
-
Fields inherited from class org.apache.cassandra.security.AbstractSslContextFactory
accepted_protocols, algorithm, cipher_suites, enabled, openSslIsAvailable, optional, parameters, protocol, require_client_auth, require_endpoint_verification, store_type, TLS_PROTOCOL_SUBSTITUTION
-
-
Constructor Summary
Constructors Constructor Description DisableSslContextFactory()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected javax.net.ssl.KeyManagerFactorybuildKeyManagerFactory()protected javax.net.ssl.KeyManagerFactorybuildOutboundKeyManagerFactory()Create aKeyManagerFactoryfor outbound connections.protected javax.net.ssl.TrustManagerFactorybuildTrustManagerFactory()booleanhasKeystore()Returns if this factory uses private keystore.booleanhasOutboundKeystore()Returns if this factory uses outbound keystore.voidinitHotReloading()Initializes hot reloading of the security keys/certs.booleanshouldReload()Returns if any changes require the reloading of the SSL context returned by this factory.-
Methods inherited from class org.apache.cassandra.security.AbstractSslContextFactory
createJSSESslContext, createNettySslContext, deriveIfOpenSslAvailable, getAcceptedProtocols, getBoolean, getBoolean, getCipherSuites, getSslProvider, getString, getString, getStringList
-
-
-
-
Method Detail
-
buildKeyManagerFactory
protected javax.net.ssl.KeyManagerFactory buildKeyManagerFactory() throws javax.net.ssl.SSLException- Specified by:
buildKeyManagerFactoryin classAbstractSslContextFactory- Throws:
javax.net.ssl.SSLException
-
buildTrustManagerFactory
protected javax.net.ssl.TrustManagerFactory buildTrustManagerFactory() throws javax.net.ssl.SSLException- Specified by:
buildTrustManagerFactoryin classAbstractSslContextFactory- Throws:
javax.net.ssl.SSLException
-
buildOutboundKeyManagerFactory
protected javax.net.ssl.KeyManagerFactory buildOutboundKeyManagerFactory() throws javax.net.ssl.SSLExceptionDescription copied from class:AbstractSslContextFactoryCreate aKeyManagerFactoryfor outbound connections. It provides a seperate keystore for internode mTLS outbound connections.- Specified by:
buildOutboundKeyManagerFactoryin classAbstractSslContextFactory- Returns:
KeyManagerFactory- Throws:
javax.net.ssl.SSLException
-
hasKeystore
public boolean hasKeystore()
Description copied from interface:ISslContextFactoryReturns if this factory uses private keystore.- Returns:
trueby default unless the implementation overrides this
-
hasOutboundKeystore
public boolean hasOutboundKeystore()
Description copied from interface:ISslContextFactoryReturns if this factory uses outbound keystore.- Returns:
trueby default unless the implementation overrides this
-
initHotReloading
public void initHotReloading() throws javax.net.ssl.SSLExceptionDescription copied from interface:ISslContextFactoryInitializes hot reloading of the security keys/certs. The implementation must guarantee this to be thread safe.- Throws:
javax.net.ssl.SSLException
-
shouldReload
public boolean shouldReload()
Description copied from interface:ISslContextFactoryReturns if any changes require the reloading of the SSL context returned by this factory. This will be called by Cassandra's periodic polling for any potential changes that will reload the SSL context. However only newer connections established after the reload will use the reloaded SSL context.- Returns:
trueif SSL Context needs to be reload;falseotherwise
-
-