Class FileCertificateProvider.Config

java.lang.Object
io.micronaut.http.ssl.FileCertificateProvider.Config
All Implemented Interfaces:
Named
Enclosing class:
FileCertificateProvider

@EachProperty("micronaut.certificate.file") public static final class FileCertificateProvider.Config extends Object
Configuration for file-based certificate material. Supports JKS/PKCS12 and PEM, with optional automatic reloading.
  • Constructor Details

  • Method Details

    • getPath

      @NonNull public @NonNull Path getPath()
      Path to the main certificate file to load. For JKS/PKCS12 this is a key store (optionally protected by password). For PEM this file may contain a private key and optionally certificates; when it only contains a private key, the certificate chain can be supplied via certificatePath. Reload behavior is controlled by refreshMode/refreshInterval.
      Returns:
      the path to the certificate file
    • setPath

      public void setPath(@NonNull @NonNull Path path)
      Path to the main certificate file to load. For JKS/PKCS12 this is a key store (optionally protected by password). For PEM this file may contain a private key and optionally certificates; when it only contains a private key, the certificate chain can be supplied via certificatePath. Reload behavior is controlled by refreshMode/refreshInterval.
      Parameters:
      path - the path to the certificate file
    • getCertificatePath

      @Nullable public @Nullable Path getCertificatePath()
      Optional path to a separate PEM-encoded certificate chain. Only supported when the format is PEM. When set, the main file at path must contain only the private key.
      Returns:
      the path to the PEM certificate chain or null
    • setCertificatePath

      public void setCertificatePath(@Nullable @Nullable Path certificatePath)
      Optional path to a separate PEM-encoded certificate chain. Only supported when the format is PEM. When set, the main file at path must contain only the private key.
      Parameters:
      certificatePath - the path to the PEM certificate chain or null
    • getRefreshMode

      Strategy for reloading the certificate file. NONE: load once. FILE_WATCHER: watch the directory and reload on changes. SCHEDULER: periodically reload. FILE_WATCHER_OR_SCHEDULER: use a watcher when supported, otherwise fall back to scheduled reloads.
      Returns:
      the refresh strategy
    • setRefreshMode

      public void setRefreshMode(@NonNull @NonNull FileCertificateProvider.RefreshMode refreshMode)
      Strategy for reloading the certificate file. NONE: load once. FILE_WATCHER: watch the directory and reload on changes. SCHEDULER: periodically reload. FILE_WATCHER_OR_SCHEDULER: use a watcher when supported, otherwise fall back to scheduled reloads.
      Parameters:
      refreshMode - the refresh strategy
    • getRefreshInterval

      @NonNull public @NonNull Duration getRefreshInterval()
      Interval used for scheduled reloads when the refresh mode uses a scheduler or when file watching is not available and a scheduled fallback is used.
      Returns:
      the refresh interval
    • setRefreshInterval

      public void setRefreshInterval(@NonNull @NonNull Duration refreshInterval)
      Interval used for scheduled reloads when the refresh mode uses a scheduler or when file watching is not available and a scheduled fallback is used.
      Parameters:
      refreshInterval - the refresh interval
    • getName

      @NonNull public @NonNull String getName()
      Specified by:
      getName in interface Named
      Returns:
      The name of the component
    • getFormat

      Explicit format of the certificate material. If not set, Micronaut will first try to load the file as a key store (JKS/PKCS12) and, if that fails, as PEM. A separate certificatePath can only be used with PEM.
      Returns:
      the certificate file format or null to auto-detect
    • setFormat

      public void setFormat(@Nullable FileCertificateProvider.Format format)
      Explicit format of the certificate material. If not set, Micronaut will first try to load the file as a key store (JKS/PKCS12) and, if that fails, as PEM. A separate certificatePath can only be used with PEM.
      Parameters:
      format - the certificate file format or null to auto-detect
    • getPassword

      @Nullable public @Nullable String getPassword()
      Password used to open the key store (JKS/PKCS12) or decrypt PEM private keys, if required.
      Returns:
      the password or null if not required
    • setPassword

      public void setPassword(@Nullable @Nullable String password)
      Password used to open the key store (JKS/PKCS12) or decrypt PEM private keys, if required.
      Parameters:
      password - the password or null if not required