
package com.aerospike.vector.client;
import io.netty.handler.ssl.SslContext;
import java.security.NoSuchAlgorithmException;
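/**
 * Immutable holder for the TLS / mTLS settings of a client connection.
 *
 * <p>It carries an optional pre-built Netty {@link SslContext}, the list of TLS protocol
 * versions the client may negotiate, and the certificate material for TLS and mTLS
 * (root certificate, private key, certificate chain).
 *
 * <ul>
 *   <li>For TLS, only the root certificate is mandatory.</li>
 *   <li>For mTLS, the root certificate, private key and certificate chain are required.</li>
 * </ul>
 *
 * <p>NOTE(review): the constructor in this class stores its arguments as given and does not
 * enforce the requirements above; presumably the code that builds the channel validates
 * them. Confirm before relying on this class to reject an incomplete configuration.
 */
public class ClientTlsConfig {

    /**
     * The Netty SslContext for creating secure channels.
     * If not specified, then the context is created using the provided TLS certificates.
     */
    private final SslContext nettySslContext;

    /**
     * TLS protocol versions the client is allowed to use for secure connections,
     * given as an array of protocol names, for example:
     *
     * <pre>{@code
     * String[] protocols = new String[] {"TLSv1.3", "TLSv1.2"};
     * }</pre>
     *
     * <p>When the caller passes {@code null}, the constructor falls back to
     * {@code {"TLSv1.3", "TLSv1.2"}}. TLSv1 and TLSv1.1 are deprecated (RFC 8996) and
     * should only be listed when a legacy peer leaves no alternative.
     *
     * <p>NOTE(review): this listing exposes no accessor for the field, so how the value
     * reaches the SSL engine is not visible here.
     */
    private final String[] protocols;

    /** Path or content of the root (CA) certificate used to verify the server. */
    private final String rootCertificate;

    /**
     * Path or content of the client private key (mTLS only). When this holds key content
     * rather than a path, the whole config object is sensitive and should stay out of logs
     * and serialized output.
     */
    private final String privateKey;

    /** Path or content of the client certificate chain (mTLS only). */
    private final String certificateChain;

    /**
     * Constructs a new ClientTlsConfig with the given SSL context, TLS protocols
     * and certificate information. No argument is validated here.
     *
     * @param nettySslContext custom Netty SslContext, stored as given
     * @param protocols allowable TLS protocol names; {@code null} selects the default
     *     {@code {"TLSv1.3", "TLSv1.2"}}
     * @param rootCertificate path or content of the root certificate
     * @param privateKey path or content of the private key (required for mTLS)
     * @param certificateChain path or content of the certificate chain (required for mTLS)
     */
    public ClientTlsConfig(SslContext nettySslContext, String[] protocols,
            String rootCertificate, String privateKey, String certificateChain) {
        this.nettySslContext = nettySslContext;
        // Copy the array so the caller cannot change the allowed protocol list (for example
        // by writing an older version into it) after the configuration has been built.
        this.protocols = protocols != null
                ? protocols.clone()
                : new String[] {"TLSv1.3", "TLSv1.2"};
        this.rootCertificate = rootCertificate;
        this.privateKey = privateKey;
        this.certificateChain = certificateChain;
    }

    /**
     * Returns the configured Netty SslContext.
     *
     * @return the Netty SslContext passed to the constructor
     */
    public SslContext getNettySslContext() {
        return nettySslContext;
    }

    /**
     * Returns the root certificate path or content.
     *
     * @return the root certificate
     */
    public String getRootCertificate() {
        return rootCertificate;
    }

    /**
     * Returns the private key path or content, required for mTLS.
     * The returned value may be raw key material; do not log it.
     *
     * @return the private key
     */
    public String getPrivateKey() {
        return privateKey;
    }

    /**
     * Returns the certificate chain path or content, required for mTLS.
     *
     * @return the certificate chain
     */
    public String getCertificateChain() {
        return certificateChain;
    }
}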