
package com.aerospike.vector.client;
import io.netty.handler.ssl.SslContext;
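/**
 * Configuration class for handling TLS and mTLS within a client application. This class supports
 * setting up TLS configurations including custom SSL contexts, specifying allowable TLS protocols,
 * and defining the necessary components for mTLS such as root certificates, private keys, and
 * certificate chains.
 *
 * <p>For TLS, only the root certificate is mandatory. For mTLS, the root certificate, private key
 * and certificate chain are required. This class only stores the values it is given; it does not
 * itself check that the mandatory ones are present.
 */
public class ClientTlsConfig {
    /**
     * The Netty SslContext for creating secure channels. If not specified, then context is created
     * using provided tls certs.
     */
    // NOTE(review): presumably a caller-supplied context takes precedence over the protocol list
    // and certificate fields below; confirm against the code that builds the channel.
    private final SslContext nettySslContext;

    /**
     * Specifies the TLS protocols that the client is allowed to use for secure connections. The
     * protocols are specified as an array of strings. Example usage:
     *
     * <pre>{@code
     * ClientTlsConfig config =
     *     new ClientTlsConfig(
     *         null, new String[] {"TLSv1.3", "TLSv1.2"}, rootCertificate, null, null);
     * }</pre>
     *
     * <p>Defaults to TLSv1.3 and TLSv1.2 if not specified. TLSv1 and TLSv1.1 are deprecated
     * (RFC 8996) and should not be listed unless a legacy server leaves no alternative.
     */
    // NOTE(review): no accessor for this field is visible in this class; confirm that the code
    // building the SslContext actually applies the configured protocol list.
    private final String[] protocols;

    /** Path or content of the root certificate used to verify the server. */
    private final String rootCertificate;

    /**
     * Path or content of the client private key (mTLS only). May hold the key material itself
     * rather than a path, so keep it out of logs and diagnostic output.
     */
    private final String privateKey;

    /** Path or content of the client certificate chain (mTLS only). */
    private final String certificateChain;

    /**
     * Constructs a new ClientTlsConfig with specified SSL context, TLS protocols, and certificate
     * information. No argument is validated here.
     *
     * @param nettySslContext Custom Netty SslContext, or {@code null} to have one created from the
     *     certificate arguments
     * @param protocols Array of strings specifying the allowable TLS protocols; {@code null}
     *     selects the default of TLSv1.3 and TLSv1.2. The array is copied, so later changes made
     *     by the caller do not alter this configuration.
     * @param rootCertificate Path or content of the root certificate
     * @param privateKey Path or content of the private key (required for mTLS)
     * @param certificateChain Path or content of the certificate chain (required for mTLS)
     */
    public ClientTlsConfig(
            SslContext nettySslContext,
            String[] protocols,
            String rootCertificate,
            String privateKey,
            String certificateChain) {
        this.nettySslContext = nettySslContext;
        // Defensive copy: the allowed-protocol list must not change behind the config's back if
        // the caller reuses or edits its array after construction.
        this.protocols =
                protocols != null ? protocols.clone() : new String[] {"TLSv1.3", "TLSv1.2"};
        this.rootCertificate = rootCertificate;
        this.privateKey = privateKey;
        this.certificateChain = certificateChain;
    }

    /**
     * Returns the configured Netty SslContext.
     *
     * @return the Netty SslContext, or {@code null} if none was supplied
     */
    public SslContext getNettySslContext() {
        return nettySslContext;
    }

    /**
     * Returns the root certificate path or content.
     *
     * @return the root certificate
     */
    public String getRootCertificate() {
        return rootCertificate;
    }

    /**
     * Returns the private key path or content, required for mTLS. The value may be the key
     * material itself; callers should not log it.
     *
     * @return the private key
     */
    public String getPrivateKey() {
        return privateKey;
    }

    /**
     * Returns the certificate chain path or content, required for mTLS.
     *
     * @return the certificate chain
     */
    public String getCertificateChain() {
        return certificateChain;
    }
}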