Package io.micronaut.http.netty
Class SslContextAutoLoader
java.lang.Object
io.micronaut.http.netty.SslContextAutoLoader
Automatically loads and refreshes Netty SSL contexts from configured CertificateProviders.
Subclasses supply the configuration, transport (TCP vs QUIC), and builder factory. This class
subscribes to keystore/truststore publishers and swaps the active SslContextHolder
when updates arrive, taking care of Netty reference counting.
- Since: 4.10.0
- Author: Jonas Konrad
Constructor Summary
Constructors
| Modifier | Constructor | Description |
|---|---|---|
| protected | SslContextAutoLoader(org.slf4j.Logger log) | Create a new auto-loader. |
Method Summary
| Modifier and Type | Method | Description |
|---|---|---|
| final void | autoLoad() | Start auto-loading using names from SslConfiguration (SslConfiguration.getKeyName() and SslConfiguration.getTrustName()). |
| final void | autoLoad(String keyName, String trustName) | Start auto-loading using the given provider names. |
| protected abstract @NonNull NettySslContextBuilder | builder() | Create a new NettySslContextBuilder in server or client mode depending on the subclass. |
| protected abstract @NonNull BeanProvider<CertificateProvider> | certificateProviders | Access to named CertificateProvider beans used to resolve key/trust material. |
| final void | clear() | Stop watching for updates and release the current SSL context holder. |
| protected abstract @NonNull SslContextHolder | createLegacy | Create the legacy SSL context holder when no certificate providers are configured. |
| protected abstract boolean | quic() | Whether the target transport is QUIC/HTTP3 (true) or TCP (false). |
| protected abstract @NonNull SslConfiguration | sslConfiguration | The SSL configuration used to derive defaults like protocols, ciphers and client auth. |
| final @Nullable SslContextHolder | takeRetained | Obtain the current SSL context holder and retain the underlying Netty contexts. |
Constructor Details
SslContextAutoLoader
protected SslContextAutoLoader(org.slf4j.Logger log)
Create a new auto-loader.
- Parameters:
  log - logger used to report initialization failures
Method Details
takeRetained
Obtain the current SSL context holder and retain the underlying Netty contexts.
- Returns: the retained holder, or null if no context is currently available
clear
public final void clear()
Stop watching for updates and release the current SSL context holder. Safe to call multiple times.
certificateProviders
Access to named CertificateProvider beans used to resolve key/trust material.
- Returns: a provider of CertificateProvider beans
sslConfiguration
The SSL configuration used to derive defaults like protocols, ciphers and client auth.
- Returns: the SSL configuration
quic
protected abstract boolean quic()
Whether the target transport is QUIC/HTTP3 (true) or TCP (false).
- Returns: true for QUIC, false for TCP
createLegacy
Create the legacy SSL context holder when no certificate providers are configured. Implementations should read from legacy configuration and build fixed contexts.
- Returns: a holder for legacy contexts
autoLoad
public final void autoLoad()
Start auto-loading using names from SslConfiguration (SslConfiguration.getKeyName() and SslConfiguration.getTrustName()).
autoLoad
public final void autoLoad(@Nullable String keyName, @Nullable String trustName)
Start auto-loading using the given provider names.
- Parameters:
  keyName - optional name of the CertificateProvider for the key store
  trustName - optional name of the CertificateProvider for the trust store
builder
Create a new NettySslContextBuilder in server or client mode depending on the subclass.
- Returns: the builder to construct Netty SSL contexts