Package com.linkedin.alpini.netty4.http2
Class SSLContextBuilder
- java.lang.Object
-
- com.linkedin.alpini.netty4.http2.SSLContextBuilder
-
public final class SSLContextBuilder extends java.lang.ObjectCreated by acurtis on 4/19/18.
-
-
Field Summary
Fields Modifier and Type Field Description static java.util.List<java.lang.String>CIPHERSstatic java.util.List<java.lang.String>NO_GCM_CIPHERSSimiliar ciphers as WITH_GCM_CIPHERS except with CBC substituted instead of GCM because GCM is crushingly slow in current Java implementations.static java.util.List<java.lang.String>WITH_GCM_CIPHERSModern ciphers as used for HTTP/2 plus three weak ciphers as used within LNKD HTTP/1
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description static io.netty.handler.ssl.SslContextbuild(io.netty.handler.ssl.SslContextBuilder builder)static java.util.List<java.lang.String>getCiphers(java.security.Provider sslContextProvider, io.netty.handler.ssl.SslProvider provider)static io.netty.handler.ssl.SslContextmakeClientContext(long sessionCacheSize, long sessionTimeout)static io.netty.handler.ssl.SslContextmakeClientContext(long sessionCacheSize, long sessionTimeout, boolean permitHttp2)static io.netty.handler.ssl.SslContextmakeClientContext(java.lang.Object keyStoreFile, java.lang.String keyStorePassword, java.lang.String keyStoreType, java.io.File trustStoreFile, java.lang.String trustStorePassword, long sessionCacheSize, long sessionTimeout)static io.netty.handler.ssl.SslContextmakeClientContext(java.lang.Object keyStoreFile, java.lang.String keyStorePassword, java.lang.String keyStoreType, java.io.File trustStoreFile, java.lang.String trustStorePassword, long sessionCacheSize, long sessionTimeout, boolean permitHttp2)static io.netty.handler.ssl.SslContextmakeClientContext(java.security.Provider sslContextProvider, long sessionCacheSize, long sessionTimeout, boolean permitHttp2)static io.netty.handler.ssl.SslContextmakeClientContext(java.security.Provider sslContextProvider, long sessionCacheSize, long sessionTimeout, boolean permitHttp2, boolean useRefCnt)static io.netty.handler.ssl.SslContextmakeClientContext(java.security.Provider sslContextProvider, java.lang.Object keyStoreFile, java.lang.String keyStorePassword, java.lang.String keyStoreType, java.io.File trustStoreFile, java.lang.String trustStorePassword, long sessionCacheSize, long sessionTimeout, boolean permitHttp2)static io.netty.handler.ssl.SslContextmakeClientContext(java.security.Provider sslContextProvider, java.lang.Object keyStoreFile, java.lang.String keyStorePassword, java.lang.String keyStoreType, java.io.File trustStoreFile, java.lang.String trustStorePassword, long sessionCacheSize, long sessionTimeout, boolean permitHttp2, boolean useRefCnt)static io.netty.handler.ssl.SslContextmakeServerContext(long sessionCacheSize, long sessionTimeout)static io.netty.handler.ssl.SslContextmakeServerContext(long sessionCacheSize, long sessionTimeout, boolean permitHttp2)static io.netty.handler.ssl.SslContextmakeServerContext(java.lang.Object keyStoreFile, java.lang.String keyStorePassword, java.lang.String keyStoreType, java.io.File trustStoreFile, java.lang.String trustStorePassword, long sessionCacheSize, long sessionTimeout)static io.netty.handler.ssl.SslContextmakeServerContext(java.lang.Object keyStoreFile, java.lang.String keyStorePassword, java.lang.String keyStoreType, java.io.File trustStoreFile, java.lang.String trustStorePassword, long sessionCacheSize, long sessionTimeout, boolean permitHttp2)static io.netty.handler.ssl.SslContextmakeServerContext(java.security.Provider sslContextProvider, long sessionCacheSize, long sessionTimeout, boolean permitHttp2)static io.netty.handler.ssl.SslContextmakeServerContext(java.security.Provider sslContextProvider, long sessionCacheSize, long sessionTimeout, boolean permitHttp2, boolean useRefCnt)static io.netty.handler.ssl.SslContextmakeServerContext(java.security.Provider sslContextProvider, java.lang.Object keyStoreFile, java.lang.String keyStorePassword, java.lang.String keyStoreType, java.io.File trustStoreFile, java.lang.String trustStorePassword, long sessionCacheSize, long sessionTimeout, boolean permitHttp2)static io.netty.handler.ssl.SslContextmakeServerContext(java.security.Provider sslContextProvider, java.lang.Object keyStoreFile, java.lang.String keyStorePassword, java.lang.String keyStoreType, java.io.File trustStoreFile, java.lang.String trustStorePassword, long sessionCacheSize, long sessionTimeout, boolean permitHttp2, boolean useRefCnt)static java.util.function.Function<java.util.function.Function<javax.net.ssl.KeyManagerFactory,io.netty.handler.ssl.SslContextBuilder>,io.netty.handler.ssl.SslContextBuilder>setupContext(java.security.Provider sslContextProvider, java.lang.Object keyStoreFile, java.lang.String keyStorePassword, java.lang.String keyStoreType, java.io.File trustStoreFile, java.lang.String trustStorePassword, long sessionCacheSize, long sessionTimeout, boolean permitHttp2)static java.util.function.Function<java.util.function.Function<javax.net.ssl.KeyManagerFactory,io.netty.handler.ssl.SslContextBuilder>,io.netty.handler.ssl.SslContextBuilder>setupContext(java.security.Provider sslContextProvider, java.lang.Object keyStoreFile, java.lang.String keyStorePassword, java.lang.String keyStoreType, java.io.File trustStoreFile, java.lang.String trustStorePassword, long sessionCacheSize, long sessionTimeout, boolean permitHttp2, boolean useRefCnt)static booleanuseOpenSsl()
-
-
-
Field Detail
-
NO_GCM_CIPHERS
public static final java.util.List<java.lang.String> NO_GCM_CIPHERS
Similiar ciphers as WITH_GCM_CIPHERS except with CBC substituted instead of GCM because GCM is crushingly slow in current Java implementations.
-
WITH_GCM_CIPHERS
public static final java.util.List<java.lang.String> WITH_GCM_CIPHERS
Modern ciphers as used for HTTP/2 plus three weak ciphers as used within LNKD HTTP/1
-
CIPHERS
public static final java.util.List<java.lang.String> CIPHERS
-
-
Method Detail
-
useOpenSsl
public static boolean useOpenSsl()
-
getCiphers
public static java.util.List<java.lang.String> getCiphers(java.security.Provider sslContextProvider, io.netty.handler.ssl.SslProvider provider)
-
build
public static io.netty.handler.ssl.SslContext build(io.netty.handler.ssl.SslContextBuilder builder) throws javax.net.ssl.SSLException- Throws:
javax.net.ssl.SSLException
-
makeClientContext
public static io.netty.handler.ssl.SslContext makeClientContext(long sessionCacheSize, long sessionTimeout) throws javax.net.ssl.SSLException- Parameters:
sessionCacheSize- size of the cache used for storing SSL session objects.0to use the default value.sessionTimeout- timeout for the cached SSL session objects, in seconds.0to use the default value.- Returns:
- client SslContext
- Throws:
javax.net.ssl.SSLException
-
makeClientContext
public static io.netty.handler.ssl.SslContext makeClientContext(long sessionCacheSize, long sessionTimeout, boolean permitHttp2) throws javax.net.ssl.SSLException- Parameters:
sessionCacheSize- size of the cache used for storing SSL session objects.0to use the default value.sessionTimeout- timeout for the cached SSL session objects, in seconds.0to use the default value.permitHttp2- permits HTTP/2 APLN negotiation whentrue.- Returns:
- client SslContext
- Throws:
javax.net.ssl.SSLException
-
makeClientContext
public static io.netty.handler.ssl.SslContext makeClientContext(java.security.Provider sslContextProvider, long sessionCacheSize, long sessionTimeout, boolean permitHttp2) throws javax.net.ssl.SSLException- Throws:
javax.net.ssl.SSLException
-
makeClientContext
public static io.netty.handler.ssl.SslContext makeClientContext(java.security.Provider sslContextProvider, long sessionCacheSize, long sessionTimeout, boolean permitHttp2, boolean useRefCnt) throws javax.net.ssl.SSLException- Throws:
javax.net.ssl.SSLException
-
makeClientContext
public static io.netty.handler.ssl.SslContext makeClientContext(java.lang.Object keyStoreFile, java.lang.String keyStorePassword, java.lang.String keyStoreType, java.io.File trustStoreFile, java.lang.String trustStorePassword, long sessionCacheSize, long sessionTimeout) throws java.io.IOException, java.security.KeyStoreException, java.security.UnrecoverableKeyException, java.security.NoSuchAlgorithmException, java.security.cert.CertificateException- Parameters:
keyStoreFile- keystore filekeyStorePassword- keystore passwordkeyStoreType- keystore typetrustStoreFile- truststore filetrustStorePassword- truststore passwordsessionCacheSize- size of the cache used for storing SSL session objects.0to use the default value.sessionTimeout- timeout for the cached SSL session objects, in seconds.0to use the default value.- Returns:
- client SslContext
- Throws:
java.io.IOExceptionjava.security.KeyStoreExceptionjava.security.UnrecoverableKeyExceptionjava.security.NoSuchAlgorithmExceptionjava.security.cert.CertificateException
-
makeClientContext
public static io.netty.handler.ssl.SslContext makeClientContext(java.lang.Object keyStoreFile, java.lang.String keyStorePassword, java.lang.String keyStoreType, java.io.File trustStoreFile, java.lang.String trustStorePassword, long sessionCacheSize, long sessionTimeout, boolean permitHttp2) throws java.io.IOException, java.security.KeyStoreException, java.security.UnrecoverableKeyException, java.security.NoSuchAlgorithmException, java.security.cert.CertificateException- Parameters:
keyStoreFile- keystore filekeyStorePassword- keystore passwordkeyStoreType- keystore typetrustStoreFile- truststore filetrustStorePassword- truststore passwordsessionCacheSize- size of the cache used for storing SSL session objects.0to use the default value.sessionTimeout- timeout for the cached SSL session objects, in seconds.0to use the default value.permitHttp2- permits HTTP/2 APLN negotiation whentrue.- Returns:
- client SslContext
- Throws:
java.io.IOExceptionjava.security.KeyStoreExceptionjava.security.UnrecoverableKeyExceptionjava.security.NoSuchAlgorithmExceptionjava.security.cert.CertificateException
-
makeClientContext
public static io.netty.handler.ssl.SslContext makeClientContext(java.security.Provider sslContextProvider, java.lang.Object keyStoreFile, java.lang.String keyStorePassword, java.lang.String keyStoreType, java.io.File trustStoreFile, java.lang.String trustStorePassword, long sessionCacheSize, long sessionTimeout, boolean permitHttp2) throws java.io.IOException, java.security.KeyStoreException, java.security.UnrecoverableKeyException, java.security.NoSuchAlgorithmException, java.security.cert.CertificateException- Throws:
java.io.IOExceptionjava.security.KeyStoreExceptionjava.security.UnrecoverableKeyExceptionjava.security.NoSuchAlgorithmExceptionjava.security.cert.CertificateException
-
makeClientContext
public static io.netty.handler.ssl.SslContext makeClientContext(java.security.Provider sslContextProvider, java.lang.Object keyStoreFile, java.lang.String keyStorePassword, java.lang.String keyStoreType, java.io.File trustStoreFile, java.lang.String trustStorePassword, long sessionCacheSize, long sessionTimeout, boolean permitHttp2, boolean useRefCnt) throws java.io.IOException, java.security.KeyStoreException, java.security.UnrecoverableKeyException, java.security.NoSuchAlgorithmException, java.security.cert.CertificateException- Throws:
java.io.IOExceptionjava.security.KeyStoreExceptionjava.security.UnrecoverableKeyExceptionjava.security.NoSuchAlgorithmExceptionjava.security.cert.CertificateException
-
makeServerContext
public static io.netty.handler.ssl.SslContext makeServerContext(long sessionCacheSize, long sessionTimeout) throws javax.net.ssl.SSLException- Parameters:
sessionCacheSize- size of the cache used for storing SSL session objects.0to use the default value.sessionTimeout- timeout for the cached SSL session objects, in seconds.0to use the default value.- Returns:
- server SslContext
- Throws:
javax.net.ssl.SSLException
-
makeServerContext
public static io.netty.handler.ssl.SslContext makeServerContext(long sessionCacheSize, long sessionTimeout, boolean permitHttp2) throws javax.net.ssl.SSLException- Parameters:
sessionCacheSize- size of the cache used for storing SSL session objects.0to use the default value.sessionTimeout- timeout for the cached SSL session objects, in seconds.0to use the default value.permitHttp2- permits HTTP/2 APLN negotiation whentrue.- Returns:
- server SslContext
- Throws:
javax.net.ssl.SSLException
-
makeServerContext
public static io.netty.handler.ssl.SslContext makeServerContext(java.security.Provider sslContextProvider, long sessionCacheSize, long sessionTimeout, boolean permitHttp2) throws javax.net.ssl.SSLException- Throws:
javax.net.ssl.SSLException
-
makeServerContext
public static io.netty.handler.ssl.SslContext makeServerContext(java.security.Provider sslContextProvider, long sessionCacheSize, long sessionTimeout, boolean permitHttp2, boolean useRefCnt) throws javax.net.ssl.SSLException- Throws:
javax.net.ssl.SSLException
-
makeServerContext
public static io.netty.handler.ssl.SslContext makeServerContext(java.lang.Object keyStoreFile, java.lang.String keyStorePassword, java.lang.String keyStoreType, java.io.File trustStoreFile, java.lang.String trustStorePassword, long sessionCacheSize, long sessionTimeout) throws java.security.UnrecoverableKeyException, java.security.cert.CertificateException, java.security.NoSuchAlgorithmException, java.security.KeyStoreException, java.io.IOException- Parameters:
keyStoreFile- keystore filekeyStorePassword- keystore passwordkeyStoreType- keystore typetrustStoreFile- truststore filetrustStorePassword- truststore passwordsessionCacheSize- size of the cache used for storing SSL session objects.0to use the default value.sessionTimeout- timeout for the cached SSL session objects, in seconds.0to use the default value.- Returns:
- server SslContext
- Throws:
java.io.IOExceptionjava.security.KeyStoreExceptionjava.security.UnrecoverableKeyExceptionjava.security.NoSuchAlgorithmExceptionjava.security.cert.CertificateException
-
makeServerContext
public static io.netty.handler.ssl.SslContext makeServerContext(java.lang.Object keyStoreFile, java.lang.String keyStorePassword, java.lang.String keyStoreType, java.io.File trustStoreFile, java.lang.String trustStorePassword, long sessionCacheSize, long sessionTimeout, boolean permitHttp2) throws java.io.IOException, java.security.KeyStoreException, java.security.UnrecoverableKeyException, java.security.NoSuchAlgorithmException, java.security.cert.CertificateException- Parameters:
keyStoreFile- keystore filekeyStorePassword- keystore passwordkeyStoreType- keystore typetrustStoreFile- truststore filetrustStorePassword- truststore passwordsessionCacheSize- size of the cache used for storing SSL session objects.0to use the default value.sessionTimeout- timeout for the cached SSL session objects, in seconds.0to use the default value.permitHttp2- permits HTTP/2 APLN negotiation whentrue.- Returns:
- server SslContext
- Throws:
java.io.IOExceptionjava.security.KeyStoreExceptionjava.security.UnrecoverableKeyExceptionjava.security.NoSuchAlgorithmExceptionjava.security.cert.CertificateException
-
makeServerContext
public static io.netty.handler.ssl.SslContext makeServerContext(java.security.Provider sslContextProvider, java.lang.Object keyStoreFile, java.lang.String keyStorePassword, java.lang.String keyStoreType, java.io.File trustStoreFile, java.lang.String trustStorePassword, long sessionCacheSize, long sessionTimeout, boolean permitHttp2) throws java.io.IOException, java.security.KeyStoreException, java.security.UnrecoverableKeyException, java.security.NoSuchAlgorithmException, java.security.cert.CertificateException- Throws:
java.io.IOExceptionjava.security.KeyStoreExceptionjava.security.UnrecoverableKeyExceptionjava.security.NoSuchAlgorithmExceptionjava.security.cert.CertificateException
-
makeServerContext
public static io.netty.handler.ssl.SslContext makeServerContext(java.security.Provider sslContextProvider, java.lang.Object keyStoreFile, java.lang.String keyStorePassword, java.lang.String keyStoreType, java.io.File trustStoreFile, java.lang.String trustStorePassword, long sessionCacheSize, long sessionTimeout, boolean permitHttp2, boolean useRefCnt) throws java.io.IOException, java.security.KeyStoreException, java.security.UnrecoverableKeyException, java.security.NoSuchAlgorithmException, java.security.cert.CertificateException- Throws:
java.io.IOExceptionjava.security.KeyStoreExceptionjava.security.UnrecoverableKeyExceptionjava.security.NoSuchAlgorithmExceptionjava.security.cert.CertificateException
-
setupContext
public static java.util.function.Function<java.util.function.Function<javax.net.ssl.KeyManagerFactory,io.netty.handler.ssl.SslContextBuilder>,io.netty.handler.ssl.SslContextBuilder> setupContext(java.security.Provider sslContextProvider, java.lang.Object keyStoreFile, java.lang.String keyStorePassword, java.lang.String keyStoreType, java.io.File trustStoreFile, java.lang.String trustStorePassword, long sessionCacheSize, long sessionTimeout, boolean permitHttp2) throws java.io.IOException, java.security.KeyStoreException, java.security.UnrecoverableKeyException, java.security.NoSuchAlgorithmException, java.security.cert.CertificateException- Throws:
java.io.IOExceptionjava.security.KeyStoreExceptionjava.security.UnrecoverableKeyExceptionjava.security.NoSuchAlgorithmExceptionjava.security.cert.CertificateException
-
setupContext
public static java.util.function.Function<java.util.function.Function<javax.net.ssl.KeyManagerFactory,io.netty.handler.ssl.SslContextBuilder>,io.netty.handler.ssl.SslContextBuilder> setupContext(java.security.Provider sslContextProvider, java.lang.Object keyStoreFile, java.lang.String keyStorePassword, java.lang.String keyStoreType, java.io.File trustStoreFile, java.lang.String trustStorePassword, long sessionCacheSize, long sessionTimeout, boolean permitHttp2, boolean useRefCnt) throws java.io.IOException, java.security.KeyStoreException, java.security.UnrecoverableKeyException, java.security.NoSuchAlgorithmException, java.security.cert.CertificateException- Throws:
java.io.IOExceptionjava.security.KeyStoreExceptionjava.security.UnrecoverableKeyExceptionjava.security.NoSuchAlgorithmExceptionjava.security.cert.CertificateException
-
-