Package io.deephaven.util

Class SSLUtils

java.lang.Object

io.deephaven.util.SSLUtils

public class SSLUtils
extends Object

Class to help with SSLContext creation.

Constructor Summary

Constructors

Constructor	Description
SSLUtils()

Method Summary

Modifier and Type	Method	Description
static SSLContext	createSSLContext(com.fishlib.configuration.Configuration configuration, String propertyPrefix, boolean createKeyManagerFactory, String keyManagerFactoryAlgorithm)	Create an SSLContext from the standard Deephaven properties, using the specified property prefix.
static String	getKeystorePassphrase(com.fishlib.configuration.Configuration configuration, String propertyMeaning, String environmentVariable, String propertyPrefix)	Retrieve the keystore passphrase for a pemfile.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

SSLUtils

public SSLUtils()

Method Details

createSSLContext

@NotNull
public static SSLContext createSSLContext(@NotNull
 com.fishlib.configuration.Configuration configuration,
 @NotNull
 String propertyPrefix,
 boolean createKeyManagerFactory,
 @Nullable
 String keyManagerFactoryAlgorithm)
                                   throws DeephavenException

Create an SSLContext from the standard Deephaven properties, using the specified property prefix. This will use SslStoreParams.getKeyStorePathFromPrefix(com.fishlib.configuration.Configuration, java.lang.String) and SslStoreParams.getPassphraseFromPrefix(com.fishlib.configuration.Configuration, java.lang.String) to retrieve a keystore path and passphrase from the Deephaven configuration and get the KeyStore, then initialize an optional KeyManagerFactory with it, and finally get and initialize the SSLContext. This context is suitable for use in servers such as Prometheus.

Parameters:

configuration - a Configuration

propertyPrefix - the prefix to be used to look for keystore properties

createKeyManagerFactory - if true, create the KeyManagerFactory

keyManagerFactoryAlgorithm - if provided, the algorithm used to create the KeyManagerFactory, otherwise SunX509 will be used

Returns:

the SSLContext

Throws:

DeephavenException - wrapping other SSL-related exceptions

getKeystorePassphrase

public static String getKeystorePassphrase(@NotNull
 com.fishlib.configuration.Configuration configuration,
 @NotNull
 String propertyMeaning,
 @Nullable
 String environmentVariable,
 @Nullable
 String propertyPrefix)

Retrieve the keystore passphrase for a pemfile. Either environmentVariable or propertyPrefix must be provided, or both.

Parameters:

configuration - a Configuration

propertyMeaning - the property's meaning (for logging)

environmentVariable - an optional environment variable to use to retrieve the passphrase

propertyPrefix - an optional property prefix to be used to retrieve the passphrase (an additional lookup will be performed with ".file" appended)

Returns:

the keystore's passphrase, base-64-decoded if necessary