io.netty.handler.ssl

Class SslContextBuilder

java.lang.Object

io.netty.handler.ssl.SslContextBuilder

public final class SslContextBuilder
extends Object

Builder for configuring a new SslContext for creation.

Method Summary

Methods

Modifier and Type	Method and Description
SslContextBuilder	applicationProtocolConfig(ApplicationProtocolConfig apn) Application protocol negotiation configuration.
SslContext	build() Create new SslContext instance with configured settings.
SslContextBuilder	ciphers(Iterable<String> ciphers) The cipher suites to enable, in the order of preference.
SslContextBuilder	ciphers(Iterable<String> ciphers, CipherSuiteFilter cipherFilter) The cipher suites to enable, in the order of preference.
static SslContextBuilder	forClient() Creates a builder for new client-side SslContext.
static SslContextBuilder	forServer(File keyCertChainFile, File keyFile) Creates a builder for new server-side SslContext.
static SslContextBuilder	forServer(File keyCertChainFile, File keyFile, String keyPassword) Creates a builder for new server-side SslContext.
SslContextBuilder	keyManager(File keyCertChainFile, File keyFile) Identifying certificate for this host.
SslContextBuilder	keyManager(File keyCertChainFile, File keyFile, String keyPassword) Identifying certificate for this host.
SslContextBuilder	keyManager(KeyManagerFactory keyManagerFactory) Identifying manager for this host.
SslContextBuilder	sessionCacheSize(long sessionCacheSize) Set the size of the cache used for storing SSL session objects.
SslContextBuilder	sessionTimeout(long sessionTimeout) Set the timeout for the cached SSL session objects, in seconds.
SslContextBuilder	sslProvider(SslProvider provider) The SslContext implementation to use.
SslContextBuilder	trustManager(File trustCertChainFile) Trusted certificates for verifying the remote endpoint's certificate.
SslContextBuilder	trustManager(TrustManagerFactory trustManagerFactory) Trusted manager for verifying the remote endpoint's certificate.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

forClient

public static SslContextBuilder forClient()

Creates a builder for new client-side SslContext.

forServer

public static SslContextBuilder forServer(File keyCertChainFile,
                          File keyFile)

Creates a builder for new server-side SslContext.

Parameters:

keyCertChainFile - an X.509 certificate chain file in PEM format

keyFile - a PKCS#8 private key file in PEM format

forServer

public static SslContextBuilder forServer(File keyCertChainFile,
                          File keyFile,
                          String keyPassword)

Creates a builder for new server-side SslContext.

Parameters:

keyCertChainFile - an X.509 certificate chain file in PEM format

keyFile - a PKCS#8 private key file in PEM format

keyPassword - the password of the keyFile, or null if it's not password-protected

sslProvider

public SslContextBuilder sslProvider(SslProvider provider)

The SslContext implementation to use. null uses the default one.

trustManager

public SslContextBuilder trustManager(File trustCertChainFile)

Trusted certificates for verifying the remote endpoint's certificate. The file should contain an X.509 certificate chain in PEM format. null uses the system default.

trustManager

public SslContextBuilder trustManager(TrustManagerFactory trustManagerFactory)

Trusted manager for verifying the remote endpoint's certificate. Using a TrustManagerFactory is only supported for SslProvider.JDK; for other providers, you must use trustManager(File). null uses the system default.

keyManager

public SslContextBuilder keyManager(File keyCertChainFile,
                           File keyFile)

Identifying certificate for this host. keyCertChainFile and keyFile may be null for client contexts, which disables mutual authentication.

Parameters:

keyCertChainFile - an X.509 certificate chain file in PEM format

keyFile - a PKCS#8 private key file in PEM format

keyManager

public SslContextBuilder keyManager(File keyCertChainFile,
                           File keyFile,
                           String keyPassword)

Identifying certificate for this host. keyCertChainFile and keyFile may be null for client contexts, which disables mutual authentication.

Parameters:

keyCertChainFile - an X.509 certificate chain file in PEM format

keyFile - a PKCS#8 private key file in PEM format

keyPassword - the password of the keyFile, or null if it's not password-protected

keyManager

public SslContextBuilder keyManager(KeyManagerFactory keyManagerFactory)

Identifying manager for this host. keyManagerFactory may be null for client contexts, which disables mutual authentication. Using a KeyManagerFactory is only supported for SslProvider.JDK; for other providers, you must use keyManager(File, File) or keyManager(File, File, String).

ciphers

public SslContextBuilder ciphers(Iterable<String> ciphers)

The cipher suites to enable, in the order of preference. null to use default cipher suites.

ciphers

public SslContextBuilder ciphers(Iterable<String> ciphers,
                        CipherSuiteFilter cipherFilter)

The cipher suites to enable, in the order of preference. cipherFilter will be applied to the ciphers before use if provider is SslProvider.JDK. If ciphers is null, then the default cipher suites will be used.

applicationProtocolConfig

public SslContextBuilder applicationProtocolConfig(ApplicationProtocolConfig apn)

Application protocol negotiation configuration. null disables support.

sessionCacheSize

public SslContextBuilder sessionCacheSize(long sessionCacheSize)

Set the size of the cache used for storing SSL session objects. 0 to use the default value.

sessionTimeout

public SslContextBuilder sessionTimeout(long sessionTimeout)

Set the timeout for the cached SSL session objects, in seconds. 0 to use the default value.

build

public SslContext build()
                 throws SSLException

Create new SslContext instance with configured settings.

Throws:

SSLException