Class RotatingKeysSSLEngineProvider

  • All Implemented Interfaces:
    SSLEngineProvider

    public final class RotatingKeysSSLEngineProvider
    extends java.lang.Object
    implements SSLEngineProvider
    Variation on ConfigSSLEngineProvider that will periodically reload the keys and certificates from disk, to facilitate rolling updates of certificates.

    This class is still ApiMayChange because it can likely be further harmonized with the standard ConfigSSLEngineProvider. Also the location and default values of the configuration may change in future versions of Apache Pekko.

    This provider does not perform hostname verification, but instead allows checking that the remote certificate has a subject name that matches the subject name of the configured certificate.

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      com.typesafe.config.Config config()  
      javax.net.ssl.SSLEngine createClientSSLEngine​(java.lang.String hostname, int port)  
      javax.net.ssl.SSLEngine createServerSSLEngine​(java.lang.String hostname, int port)  
      protected MarkerLoggingAdapter log()  
      scala.Option<java.lang.Throwable> verifyClientSession​(java.lang.String hostname, javax.net.ssl.SSLSession session)
      Verification that will be called after every successful handshake to verify additional session information.
      scala.Option<java.lang.Throwable> verifyServerSession​(java.lang.String hostname, javax.net.ssl.SSLSession session)
      Verification that will be called after every successful handshake to verify additional session information.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Constructor Detail

      • RotatingKeysSSLEngineProvider

        public RotatingKeysSSLEngineProvider​(com.typesafe.config.Config config,
                                             MarkerLoggingAdapter log)
      • RotatingKeysSSLEngineProvider

        public RotatingKeysSSLEngineProvider​(ActorSystem system)
    • Method Detail

      • config

        public com.typesafe.config.Config config()
      • verifyClientSession

        public scala.Option<java.lang.Throwable> verifyClientSession​(java.lang.String hostname,
                                                                     javax.net.ssl.SSLSession session)
        Description copied from interface: SSLEngineProvider
        Verification that will be called after every successful handshake to verify additional session information. Return None if valid otherwise Some with explaining cause.
        Specified by:
        verifyClientSession in interface SSLEngineProvider
      • verifyServerSession

        public scala.Option<java.lang.Throwable> verifyServerSession​(java.lang.String hostname,
                                                                     javax.net.ssl.SSLSession session)
        Description copied from interface: SSLEngineProvider
        Verification that will be called after every successful handshake to verify additional session information. Return None if valid otherwise Some with explaining cause.
        Specified by:
        verifyServerSession in interface SSLEngineProvider