Package com.linkedin.venice.utils

Class SslUtils

java.lang.Object
com.linkedin.venice.utils.SslUtils
public class SslUtils extends Object

  • Field Details

    • LOCAL_PASSWORD

      public static final String LOCAL_PASSWORD
      Self-signed cert. Use keystore as truststore since self-signed. Cert has CN=localhost IMPORTANT NOTE: the "localhost.jks", "localhost.cert", "localhost.key" and "localhost.p12" files only exist in the code base; do not try to load this files in actual hosts
      See Also:

    • LOCAL_KEYSTORE_JKS

      public static final String LOCAL_KEYSTORE_JKS
      See Also:

  • Constructor Details

    • SslUtils

      public SslUtils()

  • Method Details

    • getVeniceLocalSslFactory

      public static SSLFactory getVeniceLocalSslFactory()
      This function should be used in test cases only.
      Returns:
      a local SSL factory that uses a self-signed development certificate.

    • getVeniceLocalSslProperties

      public static Properties getVeniceLocalSslProperties()
      This function should be used in test cases only.
      Returns:
      an instance of Properties that contains local SSL configs.

    • getTlsConfiguration

      public static SslUtils.VeniceTlsConfiguration getTlsConfiguration()

    • getPathForResource

      public static String getPathForResource(String resource)
      This function should be used in test cases only.
      Parameters:
      resource - -- System resource name
      Returns:
      the path to the local key store location

    • toAlpiniSSLFactory

      public static SslFactory toAlpiniSSLFactory(SSLFactory sslFactory)

    • toAlpiniSSLFactory

      public static SslFactory toAlpiniSSLFactory(SSLFactory sslFactory, boolean openssl)

    • toSSLFactoryWithOpenSSLSupport

      public static SSLFactory toSSLFactoryWithOpenSSLSupport(SSLFactory sslFactory)
      Adapt the incoming SSLFactory into a new one backed by openssl if it is available.

    • isConscryptAvailable

      public static boolean isConscryptAvailable()
      Check whether openssl provider is available or not.

    • toAlpiniSSLConfig

      public static SSLEngineFactoryImpl.Config toAlpiniSSLConfig(SSLConfig sslConfig)

    • getSSLFactory

      public static SSLFactory getSSLFactory(Properties sslProperties, String factoryClassName)
      A helper function that return an instance of SSLFactory with ssl Properties.
      Parameters:
      sslProperties -
      factoryClassName - Different products can plug-in different factory classes.

    • loadSSLConfig

      public static Properties loadSSLConfig(String configFilePath) throws IOException
      Build an instance of Properties with a file path to SSL config file. An example of SSL config file: ssl.enabled:true ssl.key.password:local_password ssl.keystore.location:./identity.p12 ssl.keystore.password:local_password ssl.keystore.type:pkcs12 ssl.truststore.location:./cacerts ssl.truststore.password:local_password
      Throws:
      IOException

    • getX509Certificate

      public static X509Certificate getX509Certificate(Certificate certificate)