Package org.apache.ignite.ssl
Class SslContextFactory
- java.lang.Object
- 
- org.apache.ignite.ssl.AbstractSslContextFactory
- 
- org.apache.ignite.ssl.SslContextFactory
 
 
- 
- All Implemented Interfaces:
- Serializable,- javax.cache.configuration.Factory<SSLContext>
 
 public class SslContextFactory extends AbstractSslContextFactory SSL context factory that provides SSL context configuration with specified key and trust stores. This factory caches the result of the first successful attempt to create anSSLContextand always returns it as a result of further invocations of theAbstractSslContextFactory.create()} method.In some cases it is useful to disable certificate validation of client side (e.g. when connecting to a server with self-signed certificate). This can be achieved by setting a disabled trust manager to this factory, which can be obtained by getDisabledTrustManager()method:SslContextFactory factory = new SslContextFactory(); factory.setTrustManagers(SslContextFactory.getDisabledTrustManager()); // Rest of initialization.- See Also:
- Serialized Form
 
- 
- 
Field SummaryFields Modifier and Type Field Description static StringDFLT_KEY_ALGORITHMDefault key manager / trust manager algorithm.static StringDFLT_SSL_PROTOCOLDefault SSL protocol.static StringDFLT_STORE_TYPEDefault key / trust store type.protected StringkeyAlgorithmKey manager algorithm.protected StringkeyStoreFilePathPath to key store fileprotected char[]keyStorePwdKey store passwordprotected StringkeyStoreTypeKey store type.protected TrustManager[]trustMgrsTrust managers.protected StringtrustStoreFilePathPath to trust store.protected char[]trustStorePwdTrust store passwordprotected StringtrustStoreTypeTrust store type.- 
Fields inherited from class org.apache.ignite.ssl.AbstractSslContextFactorycipherSuites, proto, protocols, sslCtx
 
- 
 - 
Constructor SummaryConstructors Constructor Description SslContextFactory()
 - 
Method SummaryAll Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description protected voidcheckParameters()Checks that all required parameters are set.protected KeyManager[]createKeyManagers()protected TrustManager[]createTrustManagers()static TrustManagergetDisabledTrustManager()Returns an instance of trust manager that will always succeed regardless of certificate provided.StringgetKeyAlgorithm()Gets algorithm that will be used to create a key manager.StringgetKeyStoreFilePath()Gets path to the key store file.char[]getKeyStorePassword()Gets key store password.StringgetKeyStoreType()Gets key store type used for context creation.TrustManager[]getTrustManagers()Gets pre-configured trust managers.StringgetTrustStoreFilePath()Gets path to the trust store file.char[]getTrustStorePassword()Gets trust store password.StringgetTrustStoreType()Gets trust store type used for context creation.protected KeyStoreloadKeyStore(String keyStoreType, String storeFilePath, char[] keyStorePwd)Loads key store with configured parameters.protected InputStreamopenFileInputStream(String filePath)By default, this method simply opens a raw file input stream.voidsetKeyAlgorithm(String keyAlgorithm)Sets key manager algorithm that will be used to create a key manager.voidsetKeyStoreFilePath(String keyStoreFilePath)Sets path to the key store file.voidsetKeyStorePassword(char[] keyStorePwd)Sets key store password.voidsetKeyStoreType(String keyStoreType)Sets key store type used in context initialization.voidsetTrustManagers(TrustManager... trustMgrs)Sets pre-configured trust managers.voidsetTrustStoreFilePath(String trustStoreFilePath)Sets path to the trust store file.voidsetTrustStorePassword(char[] trustStorePwd)Sets trust store password.voidsetTrustStoreType(String trustStoreType)Sets trust store type used in context initialization.StringtoString()- 
Methods inherited from class org.apache.ignite.ssl.AbstractSslContextFactorycheckNullParameter, create, getCipherSuites, getProtocol, getProtocols, setCipherSuites, setProtocol, setProtocols
 
- 
 
- 
- 
- 
Field Detail- 
DFLT_STORE_TYPEpublic static final String DFLT_STORE_TYPE Default key / trust store type.
 - 
DFLT_SSL_PROTOCOLpublic static final String DFLT_SSL_PROTOCOL Default SSL protocol.- See Also:
- Constant Field Values
 
 - 
DFLT_KEY_ALGORITHMpublic static final String DFLT_KEY_ALGORITHM Default key manager / trust manager algorithm. Specifying different trust manager algorithm is not supported.
 - 
keyAlgorithmprotected String keyAlgorithm Key manager algorithm.
 - 
keyStoreTypeprotected String keyStoreType Key store type.
 - 
keyStoreFilePathprotected String keyStoreFilePath Path to key store file
 - 
keyStorePwdprotected char[] keyStorePwd Key store password
 - 
trustStoreTypeprotected String trustStoreType Trust store type.
 - 
trustStoreFilePathprotected String trustStoreFilePath Path to trust store.
 - 
trustStorePwdprotected char[] trustStorePwd Trust store password
 - 
trustMgrsprotected TrustManager[] trustMgrs Trust managers.
 
- 
 - 
Method Detail- 
getKeyStoreTypepublic String getKeyStoreType() Gets key store type used for context creation.- Returns:
- Key store type.
 
 - 
setKeyStoreTypepublic void setKeyStoreType(String keyStoreType) Sets key store type used in context initialization. If not provided,DFLT_STORE_TYPEwill be used.- Parameters:
- keyStoreType- Key store type.
 
 - 
getTrustStoreTypepublic String getTrustStoreType() Gets trust store type used for context creation.- Returns:
- trust store type.
 
 - 
setTrustStoreTypepublic void setTrustStoreType(String trustStoreType) Sets trust store type used in context initialization. If not provided,DFLT_STORE_TYPEwill be used.- Parameters:
- trustStoreType- Trust store type.
 
 - 
getKeyAlgorithmpublic String getKeyAlgorithm() Gets algorithm that will be used to create a key manager. If not specified,DFLT_KEY_ALGORITHMwill be used.- Returns:
- Key manager algorithm.
 
 - 
setKeyAlgorithmpublic void setKeyAlgorithm(String keyAlgorithm) Sets key manager algorithm that will be used to create a key manager.- Parameters:
- keyAlgorithm- Key algorithm name.
 
 - 
getKeyStoreFilePathpublic String getKeyStoreFilePath() Gets path to the key store file.- Returns:
- Path to key store file.
 
 - 
setKeyStoreFilePathpublic void setKeyStoreFilePath(String keyStoreFilePath) Sets path to the key store file. This is a mandatory parameter since ssl context could not be initialized without key manager.- Parameters:
- keyStoreFilePath- Path to key store file.
 
 - 
getKeyStorePasswordpublic char[] getKeyStorePassword() Gets key store password.- Returns:
- Key store password.
 
 - 
setKeyStorePasswordpublic void setKeyStorePassword(char[] keyStorePwd) Sets key store password.- Parameters:
- keyStorePwd- Key store password.
 
 - 
getTrustStoreFilePathpublic String getTrustStoreFilePath() Gets path to the trust store file.- Returns:
- Path to the trust store file.
 
 - 
setTrustStoreFilePathpublic void setTrustStoreFilePath(String trustStoreFilePath) Sets path to the trust store file. This is an optional parameter, however one of thesetTrustStoreFilePath(String),setTrustManagers(TrustManager[])properties must be set.- Parameters:
- trustStoreFilePath- Path to the trust store file.
 
 - 
getTrustStorePasswordpublic char[] getTrustStorePassword() Gets trust store password.- Returns:
- Trust store password.
 
 - 
setTrustStorePasswordpublic void setTrustStorePassword(char[] trustStorePwd) Sets trust store password.- Parameters:
- trustStorePwd- Trust store password.
 
 - 
getTrustManagerspublic TrustManager[] getTrustManagers() Gets pre-configured trust managers.- Returns:
- Trust managers.
 
 - 
setTrustManagerspublic void setTrustManagers(TrustManager... trustMgrs) Sets pre-configured trust managers. This is an optional parameter, however one of thesetTrustStoreFilePath(String),#setTrustManagers(TrustManager[])- Parameters:
- trustMgrs- Pre-configured trust managers.
 
 - 
getDisabledTrustManagerpublic static TrustManager getDisabledTrustManager() Returns an instance of trust manager that will always succeed regardless of certificate provided.- Returns:
- Trust manager instance.
 
 - 
createKeyManagersprotected final KeyManager[] createKeyManagers() throws SSLException - Specified by:
- createKeyManagersin class- AbstractSslContextFactory
- Returns:
- Created Key Managers.
- Throws:
- SSLException- If Key Managers could not be created.
 
 - 
createTrustManagersprotected final TrustManager[] createTrustManagers() throws SSLException - Specified by:
- createTrustManagersin class- AbstractSslContextFactory
- Returns:
- Created Trust Managers.
- Throws:
- SSLException- If Trust Managers could not be created.
 
 - 
checkParametersprotected void checkParameters() throws SSLExceptionChecks that all required parameters are set.- Specified by:
- checkParametersin class- AbstractSslContextFactory
- Throws:
- SSLException- If any of required parameters is missing.
 
 - 
openFileInputStreamprotected InputStream openFileInputStream(String filePath) throws IOException By default, this method simply opens a raw file input stream. Subclasses may override this method if some specific location should be handled (this may be a case for Android users).- Parameters:
- filePath- Path to the file.
- Returns:
- Opened input stream.
- Throws:
- IOException- If stream could not be opened.
 
 - 
loadKeyStoreprotected KeyStore loadKeyStore(String keyStoreType, String storeFilePath, char[] keyStorePwd) throws SSLException Loads key store with configured parameters.- Parameters:
- keyStoreType- Type of key store.
- storeFilePath- Path to key store file.
- keyStorePwd- Store password.
- Returns:
- Initialized key store.
- Throws:
- SSLException- If key store could not be initialized.
 
 
- 
 
-