Package io.micronaut.http.ssl
Class FileCertificateProvider.Config
java.lang.Object
io.micronaut.http.ssl.FileCertificateProvider.Config
- All Implemented Interfaces:
Named
- Enclosing class:
- FileCertificateProvider
@EachProperty("micronaut.certificate.file")
public static final class FileCertificateProvider.Config
extends Object
Configuration for file-based certificate material. Supports JKS/PKCS12 and PEM,
with optional automatic reloading.
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionOptional path to a separate PEM-encoded certificate chain.Explicit format of the certificate material.getName()
Password used to open the key store (JKS/PKCS12) or decrypt PEM private keys, if required.getPath()
Path to the main certificate file to load.Interval used for scheduled reloads when the refresh mode uses a scheduler or when file watching is not available and a scheduled fallback is used.Strategy for reloading the certificate file.void
setCertificatePath
(@Nullable Path certificatePath) Optional path to a separate PEM-encoded certificate chain.void
Explicit format of the certificate material.void
setPassword
(@Nullable String password) Password used to open the key store (JKS/PKCS12) or decrypt PEM private keys, if required.void
Path to the main certificate file to load.void
setRefreshInterval
(@NonNull Duration refreshInterval) Interval used for scheduled reloads when the refresh mode uses a scheduler or when file watching is not available and a scheduled fallback is used.void
setRefreshMode
(@NonNull FileCertificateProvider.RefreshMode refreshMode) Strategy for reloading the certificate file.
-
Constructor Details
-
Config
-
-
Method Details
-
getPath
Path to the main certificate file to load. For JKS/PKCS12 this is a key store (optionally protected bypassword
). For PEM this file may contain a private key and optionally certificates; when it only contains a private key, the certificate chain can be supplied viacertificatePath
. Reload behavior is controlled byrefreshMode
/refreshInterval
.- Returns:
- the path to the certificate file
-
setPath
Path to the main certificate file to load. For JKS/PKCS12 this is a key store (optionally protected bypassword
). For PEM this file may contain a private key and optionally certificates; when it only contains a private key, the certificate chain can be supplied viacertificatePath
. Reload behavior is controlled byrefreshMode
/refreshInterval
.- Parameters:
path
- the path to the certificate file
-
getCertificatePath
Optional path to a separate PEM-encoded certificate chain. Only supported when theformat
isPEM
. When set, the main file atpath
must contain only the private key.- Returns:
- the path to the PEM certificate chain or
null
-
setCertificatePath
Optional path to a separate PEM-encoded certificate chain. Only supported when theformat
isPEM
. When set, the main file atpath
must contain only the private key.- Parameters:
certificatePath
- the path to the PEM certificate chain ornull
-
getRefreshMode
Strategy for reloading the certificate file.NONE
: load once.FILE_WATCHER
: watch the directory and reload on changes.SCHEDULER
: periodically reload.FILE_WATCHER_OR_SCHEDULER
: use a watcher when supported, otherwise fall back to scheduled reloads.- Returns:
- the refresh strategy
-
setRefreshMode
Strategy for reloading the certificate file.NONE
: load once.FILE_WATCHER
: watch the directory and reload on changes.SCHEDULER
: periodically reload.FILE_WATCHER_OR_SCHEDULER
: use a watcher when supported, otherwise fall back to scheduled reloads.- Parameters:
refreshMode
- the refresh strategy
-
getRefreshInterval
Interval used for scheduled reloads when the refresh mode uses a scheduler or when file watching is not available and a scheduled fallback is used.- Returns:
- the refresh interval
-
setRefreshInterval
Interval used for scheduled reloads when the refresh mode uses a scheduler or when file watching is not available and a scheduled fallback is used.- Parameters:
refreshInterval
- the refresh interval
-
getName
-
getFormat
Explicit format of the certificate material. If not set, Micronaut will first try to load the file as a key store (JKS/PKCS12) and, if that fails, as PEM. A separatecertificatePath
can only be used with PEM.- Returns:
- the certificate file format or
null
to auto-detect
-
setFormat
Explicit format of the certificate material. If not set, Micronaut will first try to load the file as a key store (JKS/PKCS12) and, if that fails, as PEM. A separatecertificatePath
can only be used with PEM.- Parameters:
format
- the certificate file format ornull
to auto-detect
-
getPassword
Password used to open the key store (JKS/PKCS12) or decrypt PEM private keys, if required.- Returns:
- the password or
null
if not required
-
setPassword
Password used to open the key store (JKS/PKCS12) or decrypt PEM private keys, if required.- Parameters:
password
- the password ornull
if not required
-