org.springframework.vault.support

Class SslConfiguration

java.lang.Object

org.springframework.vault.support.SslConfiguration

public class SslConfiguration
extends Object

SSL configuration.

Provides configuration for a key store and trust store for TLS certificate verification. Key store and trust store may be left unconfigured if the JDK trust store contains all necessary certificates to verify TLS certificates. The key store is used for Client Certificate authentication.

Author:

Mark Paluch

See Also:

Resource, KeyStore, ClientCertificateAuthentication

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	SslConfiguration.KeyConfiguration Configuration for a key in a keystore.
static class	SslConfiguration.KeyStoreConfiguration Configuration for a key store/trust store.

Constructor Summary

Constructors

Constructor and Description
SslConfiguration(Resource keyStore, String keyStorePassword, Resource trustStore, String trustStorePassword) Deprecated. Since 1.1, use SslConfiguration(KeyStoreConfiguration, KeyStoreConfiguration) to prevent String interning and retaining passwords represented as String longer from GC than necessary.
SslConfiguration(SslConfiguration.KeyStoreConfiguration keyStoreConfiguration, SslConfiguration.KeyConfiguration keyConfiguration, SslConfiguration.KeyStoreConfiguration trustStoreConfiguration) Create a new SslConfiguration.
SslConfiguration(SslConfiguration.KeyStoreConfiguration keyStoreConfiguration, SslConfiguration.KeyStoreConfiguration trustStoreConfiguration) Create a new SslConfiguration.

Method Summary

Modifier and Type	Method and Description
static SslConfiguration	create(Resource keyStore, char[] keyStorePassword, Resource trustStore, char[] trustStorePassword) Create a new SslConfiguration for the given truststore with the default KeyStore type.
SslConfiguration	create(Resource keyStore, String keyStorePassword, Resource trustStore, String trustStorePassword) Deprecated. Since 1.1, use create(Resource, char[], Resource, char[]) to prevent String interning and retaining passwords represented as String longer from GC than necessary.
static SslConfiguration	forKeyStore(Resource keyStore, char[] keyStorePassword) Create a new SslConfiguration for the given key store with the default KeyStore type.
static SslConfiguration	forKeyStore(Resource keyStore, char[] keyStorePassword, SslConfiguration.KeyConfiguration keyConfiguration) Create a new SslConfiguration for the given key store with the default KeyStore type.
static SslConfiguration	forKeyStore(Resource keyStore, String keyStorePassword) Deprecated. Since 1.1, use forKeyStore(Resource, char[]) to prevent String interning and retaining passwords represented as String longer from GC than necessary.
static SslConfiguration	forKeyStore(SslConfiguration.KeyStoreConfiguration keyStore) Create a new SslConfiguration for the given key store.
static SslConfiguration	forKeyStore(SslConfiguration.KeyStoreConfiguration keyStore, SslConfiguration.KeyConfiguration keyConfiguration) Create a new SslConfiguration for the given key store and SslConfiguration.KeyConfiguration.
static SslConfiguration	forTrustStore(Resource trustStore, char[] trustStorePassword) Create a new SslConfiguration for the given trust store with the default KeyStore type.
static SslConfiguration	forTrustStore(Resource trustStore, String trustStorePassword) Deprecated. Since 1.1, use forTrustStore(Resource, char[]) to prevent String interning and retaining passwords represented as String longer from GC than necessary.
static SslConfiguration	forTrustStore(SslConfiguration.KeyStoreConfiguration trustStore) Create a new SslConfiguration for the given trust store.
SslConfiguration.KeyConfiguration	getKeyConfiguration()
Resource	getKeyStore()
SslConfiguration.KeyStoreConfiguration	getKeyStoreConfiguration()
String	getKeyStorePassword() Deprecated. Since 1.1, use SslConfiguration.KeyStoreConfiguration.getStorePassword() to prevent String interning and retaining passwords represented as String longer from GC than necessary.
Resource	getTrustStore()
SslConfiguration.KeyStoreConfiguration	getTrustStoreConfiguration()
String	getTrustStorePassword() Deprecated. Since 1.1, use SslConfiguration.KeyStoreConfiguration.getStorePassword() to prevent String interning and retaining passwords represented as String longer from GC than necessary.
static SslConfiguration	unconfigured() Factory method returning an unconfigured SslConfiguration instance.
SslConfiguration	withKeyStore(SslConfiguration.KeyStoreConfiguration configuration) Create a new SslConfiguration with SslConfiguration.KeyStoreConfiguration applied retaining the trust store configuration.
SslConfiguration	withKeyStore(SslConfiguration.KeyStoreConfiguration configuration, SslConfiguration.KeyConfiguration keyConfiguration) Create a new SslConfiguration with SslConfiguration.KeyStoreConfiguration and SslConfiguration.KeyConfiguration applied retaining the trust store configuration.
SslConfiguration	withTrustStore(SslConfiguration.KeyStoreConfiguration configuration) Create a new SslConfiguration with trust store configuration applied retaining the getKeyStoreConfiguration() key store} configuration.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

SslConfiguration

@Deprecated
public SslConfiguration(Resource keyStore,
                                    @Nullable
                                    String keyStorePassword,
                                    Resource trustStore,
                                    @Nullable
                                    String trustStorePassword)

Deprecated. Since 1.1, use SslConfiguration(KeyStoreConfiguration, KeyStoreConfiguration) to prevent String interning and retaining passwords represented as String longer from GC than necessary.

Create a new SslConfiguration with the default KeyStore type.

Parameters:

keyStore - the key store resource, must not be null.

keyStorePassword - the key store password.

trustStore - the trust store resource, must not be null.

trustStorePassword - the trust store password.

SslConfiguration

public SslConfiguration(SslConfiguration.KeyStoreConfiguration keyStoreConfiguration,
                        SslConfiguration.KeyStoreConfiguration trustStoreConfiguration)

Create a new SslConfiguration.

Parameters:

keyStoreConfiguration - the key store configuration, must not be null.

trustStoreConfiguration - the trust store configuration, must not be null.

Since:

1.1

SslConfiguration

public SslConfiguration(SslConfiguration.KeyStoreConfiguration keyStoreConfiguration,
                        SslConfiguration.KeyConfiguration keyConfiguration,
                        SslConfiguration.KeyStoreConfiguration trustStoreConfiguration)

Create a new SslConfiguration.

Parameters:

keyStoreConfiguration - the key store configuration, must not be null.

keyConfiguration - the configuration for a specific key in keyStoreConfiguration to use.

trustStoreConfiguration - the trust store configuration, must not be null.

Since:

2.2

Method Detail

forTrustStore

@Deprecated
public static SslConfiguration forTrustStore(Resource trustStore,
                                                         @Nullable
                                                         String trustStorePassword)

Deprecated. Since 1.1, use forTrustStore(Resource, char[]) to prevent String interning and retaining passwords represented as String longer from GC than necessary.

Create a new SslConfiguration for the given trust store with the default KeyStore type.

Parameters:

trustStore - resource pointing to an existing trust store, must not be null.

trustStorePassword - may be null.

Returns:

the created SslConfiguration.

See Also:

KeyStore

forTrustStore

public static SslConfiguration forTrustStore(Resource trustStore,
                                             @Nullable
                                             char[] trustStorePassword)

Create a new SslConfiguration for the given trust store with the default KeyStore type.

Parameters:

trustStore - resource pointing to an existing trust store, must not be null.

trustStorePassword - may be null.

Returns:

the created SslConfiguration.

See Also:

KeyStore

forTrustStore

public static SslConfiguration forTrustStore(SslConfiguration.KeyStoreConfiguration trustStore)

Create a new SslConfiguration for the given trust store.

Parameters:

trustStore - must not be null.

Returns:

a new SslConfiguration with trust store configuration applied.

Since:

2.2

See Also:

KeyStore

forKeyStore

@Deprecated
public static SslConfiguration forKeyStore(Resource keyStore,
                                                       @Nullable
                                                       String keyStorePassword)

Deprecated. Since 1.1, use forKeyStore(Resource, char[]) to prevent String interning and retaining passwords represented as String longer from GC than necessary.

Create a new SslConfiguration for the given key store with the default KeyStore type.

Parameters:

keyStore - resource pointing to an existing key store, must not be null.

keyStorePassword - may be null.

Returns:

the created SslConfiguration.

See Also:

KeyStore

forKeyStore

public static SslConfiguration forKeyStore(Resource keyStore,
                                           @Nullable
                                           char[] keyStorePassword)

Create a new SslConfiguration for the given key store with the default KeyStore type.

Parameters:

keyStore - resource pointing to an existing key store, must not be null.

keyStorePassword - may be null.

Returns:

the created SslConfiguration.

See Also:

KeyStore

forKeyStore

public static SslConfiguration forKeyStore(SslConfiguration.KeyStoreConfiguration keyStore)

Create a new SslConfiguration for the given key store.

Parameters:

keyStore - resource pointing to an existing key store, must not be null.

Returns:

the created SslConfiguration.

Since:

2.2

See Also:

KeyStore

forKeyStore

public static SslConfiguration forKeyStore(SslConfiguration.KeyStoreConfiguration keyStore,
                                           SslConfiguration.KeyConfiguration keyConfiguration)

Create a new SslConfiguration for the given key store and SslConfiguration.KeyConfiguration.

Parameters:

keyStore - resource pointing to an existing key store, must not be null.

keyConfiguration - the configuration for a specific key in keyStoreConfiguration to use.

Returns:

the created SslConfiguration.

Since:

2.2

See Also:

KeyStore

forKeyStore

public static SslConfiguration forKeyStore(Resource keyStore,
                                           @Nullable
                                           char[] keyStorePassword,
                                           SslConfiguration.KeyConfiguration keyConfiguration)

Create a new SslConfiguration for the given key store with the default KeyStore type.

Parameters:

keyStore - resource pointing to an existing key store, must not be null.

keyStorePassword - may be null.

keyConfiguration - the configuration for a specific key in keyStoreConfiguration to use.

Returns:

the created SslConfiguration.

Since:

2.2

See Also:

KeyStore

create

@Deprecated
public SslConfiguration create(Resource keyStore,
                                           @Nullable
                                           String keyStorePassword,
                                           Resource trustStore,
                                           @Nullable
                                           String trustStorePassword)

Deprecated. Since 1.1, use create(Resource, char[], Resource, char[]) to prevent String interning and retaining passwords represented as String longer from GC than necessary.

Create a new SslConfiguration for the given truststore with the default KeyStore type.

Parameters:

keyStore - resource pointing to an existing keystore, must not be null.

keyStorePassword - may be null.

trustStore - resource pointing to an existing trust store, must not be null.

trustStorePassword - may be null.

Returns:

the created SslConfiguration.

See Also:

KeyStore

create

public static SslConfiguration create(Resource keyStore,
                                      @Nullable
                                      char[] keyStorePassword,
                                      Resource trustStore,
                                      @Nullable
                                      char[] trustStorePassword)

Create a new SslConfiguration for the given truststore with the default KeyStore type.

Parameters:

keyStore - resource pointing to an existing keystore, must not be null.

keyStorePassword - may be null.

trustStore - resource pointing to an existing trust store, must not be null.

trustStorePassword - may be null.

Returns:

the created SslConfiguration.

See Also:

KeyStore

unconfigured

public static SslConfiguration unconfigured()

Factory method returning an unconfigured SslConfiguration instance.

Returns:

an unconfigured SslConfiguration instance.

Since:

2.0

getKeyStore

public Resource getKeyStore()

Returns:

the key store resource or null if not configured.

getKeyStorePassword

@Deprecated
 @Nullable
public String getKeyStorePassword()

Deprecated. Since 1.1, use SslConfiguration.KeyStoreConfiguration.getStorePassword() to prevent String interning and retaining passwords represented as String longer from GC than necessary.

Returns:

the key store password or null if not configured.

getKeyStoreConfiguration

public SslConfiguration.KeyStoreConfiguration getKeyStoreConfiguration()

Returns:

the key store configuration.

Since:

1.1

getKeyConfiguration

public SslConfiguration.KeyConfiguration getKeyConfiguration()

Returns:

the key configuration.

Since:

2.2

withKeyStore

public SslConfiguration withKeyStore(SslConfiguration.KeyStoreConfiguration configuration)

Create a new SslConfiguration with SslConfiguration.KeyStoreConfiguration applied retaining the trust store configuration.

Parameters:

configuration - must not be null.

Returns:

a new SslConfiguration with SslConfiguration.KeyStoreConfiguration applied.

Since:

2.0

withKeyStore

public SslConfiguration withKeyStore(SslConfiguration.KeyStoreConfiguration configuration,
                                     SslConfiguration.KeyConfiguration keyConfiguration)

Create a new SslConfiguration with SslConfiguration.KeyStoreConfiguration and SslConfiguration.KeyConfiguration applied retaining the trust store configuration.

Parameters:

configuration - must not be null.

keyConfiguration - the configuration for a specific key in keyStoreConfiguration to use.

Returns:

a new SslConfiguration with SslConfiguration.KeyStoreConfiguration and SslConfiguration.KeyConfiguration applied.

Since:

2.2

getTrustStore

public Resource getTrustStore()

Returns:

the key store resource or null if not configured.

getTrustStorePassword

@Deprecated
 @Nullable
public String getTrustStorePassword()

Deprecated. Since 1.1, use SslConfiguration.KeyStoreConfiguration.getStorePassword() to prevent String interning and retaining passwords represented as String longer from GC than necessary.

Returns:

the trust store password or null if not configured.

getTrustStoreConfiguration

public SslConfiguration.KeyStoreConfiguration getTrustStoreConfiguration()

Returns:

the trust store configuration.

Since:

1.1

withTrustStore

public SslConfiguration withTrustStore(SslConfiguration.KeyStoreConfiguration configuration)

Create a new SslConfiguration with trust store configuration applied retaining the getKeyStoreConfiguration() key store} configuration.

Parameters:

configuration - must not be null.

Returns:

a new SslConfiguration with trust store configuration applied.

Since:

2.0