Class RotatingKeysSSLEngineProvider
- java.lang.Object
-
- org.apache.pekko.remote.artery.tcp.ssl.RotatingKeysSSLEngineProvider
-
- All Implemented Interfaces:
SSLEngineProvider
public final class RotatingKeysSSLEngineProvider extends java.lang.Object implements SSLEngineProvider
Variation on ConfigSSLEngineProvider that will periodically reload the keys and certificates from disk, to facilitate rolling updates of certificates.This class is still ApiMayChange because it can likely be further harmonized with the standard ConfigSSLEngineProvider. Also the location and default values of the configuration may change in future versions of Apache Pekko.
This provider does not perform hostname verification, but instead allows checking that the remote certificate has a subject name that matches the subject name of the configured certificate.
-
-
Constructor Summary
Constructors Constructor Description RotatingKeysSSLEngineProvider(com.typesafe.config.Config config, MarkerLoggingAdapter log)
RotatingKeysSSLEngineProvider(ActorSystem system)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description com.typesafe.config.Config
config()
javax.net.ssl.SSLEngine
createClientSSLEngine(java.lang.String hostname, int port)
javax.net.ssl.SSLEngine
createServerSSLEngine(java.lang.String hostname, int port)
protected MarkerLoggingAdapter
log()
scala.Option<java.lang.Throwable>
verifyClientSession(java.lang.String hostname, javax.net.ssl.SSLSession session)
Verification that will be called after every successful handshake to verify additional session information.scala.Option<java.lang.Throwable>
verifyServerSession(java.lang.String hostname, javax.net.ssl.SSLSession session)
Verification that will be called after every successful handshake to verify additional session information.
-
-
-
Constructor Detail
-
RotatingKeysSSLEngineProvider
public RotatingKeysSSLEngineProvider(com.typesafe.config.Config config, MarkerLoggingAdapter log)
-
RotatingKeysSSLEngineProvider
public RotatingKeysSSLEngineProvider(ActorSystem system)
-
-
Method Detail
-
config
public com.typesafe.config.Config config()
-
log
protected MarkerLoggingAdapter log()
-
createServerSSLEngine
public javax.net.ssl.SSLEngine createServerSSLEngine(java.lang.String hostname, int port)
- Specified by:
createServerSSLEngine
in interfaceSSLEngineProvider
-
createClientSSLEngine
public javax.net.ssl.SSLEngine createClientSSLEngine(java.lang.String hostname, int port)
- Specified by:
createClientSSLEngine
in interfaceSSLEngineProvider
-
verifyClientSession
public scala.Option<java.lang.Throwable> verifyClientSession(java.lang.String hostname, javax.net.ssl.SSLSession session)
Description copied from interface:SSLEngineProvider
Verification that will be called after every successful handshake to verify additional session information. ReturnNone
if valid otherwiseSome
with explaining cause.- Specified by:
verifyClientSession
in interfaceSSLEngineProvider
-
verifyServerSession
public scala.Option<java.lang.Throwable> verifyServerSession(java.lang.String hostname, javax.net.ssl.SSLSession session)
Description copied from interface:SSLEngineProvider
Verification that will be called after every successful handshake to verify additional session information. ReturnNone
if valid otherwiseSome
with explaining cause.- Specified by:
verifyServerSession
in interfaceSSLEngineProvider
-
-