Package io.micronaut.http.ssl
Class FileCertificateProvider.Config
java.lang.Object
io.micronaut.http.ssl.FileCertificateProvider.Config
- All Implemented Interfaces:
Named
- Enclosing class:
- FileCertificateProvider
@EachProperty("micronaut.certificate.file")
public static final class FileCertificateProvider.Config
extends Object
Configuration for file-based certificate material. Supports JKS/PKCS12 and PEM,
with optional automatic reloading.
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionOptional path to a separate PEM-encoded certificate chain.Explicit format of the certificate material.getName()Password used to open the key store (JKS/PKCS12) or decrypt PEM private keys, if required.getPath()Path to the main certificate file to load.Interval used for scheduled reloads when the refresh mode uses a scheduler or when file watching is not available and a scheduled fallback is used.Strategy for reloading the certificate file.voidsetCertificatePath(@Nullable Path certificatePath) Optional path to a separate PEM-encoded certificate chain.voidExplicit format of the certificate material.voidsetPassword(@Nullable String password) Password used to open the key store (JKS/PKCS12) or decrypt PEM private keys, if required.voidPath to the main certificate file to load.voidsetRefreshInterval(@NonNull Duration refreshInterval) Interval used for scheduled reloads when the refresh mode uses a scheduler or when file watching is not available and a scheduled fallback is used.voidsetRefreshMode(@NonNull FileCertificateProvider.RefreshMode refreshMode) Strategy for reloading the certificate file.
-
Constructor Details
-
Config
-
-
Method Details
-
getPath
Path to the main certificate file to load. For JKS/PKCS12 this is a key store (optionally protected bypassword). For PEM this file may contain a private key and optionally certificates; when it only contains a private key, the certificate chain can be supplied viacertificatePath. Reload behavior is controlled byrefreshMode/refreshInterval.- Returns:
- the path to the certificate file
-
setPath
Path to the main certificate file to load. For JKS/PKCS12 this is a key store (optionally protected bypassword). For PEM this file may contain a private key and optionally certificates; when it only contains a private key, the certificate chain can be supplied viacertificatePath. Reload behavior is controlled byrefreshMode/refreshInterval.- Parameters:
path- the path to the certificate file
-
getCertificatePath
Optional path to a separate PEM-encoded certificate chain. Only supported when theformatisPEM. When set, the main file atpathmust contain only the private key.- Returns:
- the path to the PEM certificate chain or
null
-
setCertificatePath
Optional path to a separate PEM-encoded certificate chain. Only supported when theformatisPEM. When set, the main file atpathmust contain only the private key.- Parameters:
certificatePath- the path to the PEM certificate chain ornull
-
getRefreshMode
Strategy for reloading the certificate file.NONE: load once.FILE_WATCHER: watch the directory and reload on changes.SCHEDULER: periodically reload.FILE_WATCHER_OR_SCHEDULER: use a watcher when supported, otherwise fall back to scheduled reloads.- Returns:
- the refresh strategy
-
setRefreshMode
Strategy for reloading the certificate file.NONE: load once.FILE_WATCHER: watch the directory and reload on changes.SCHEDULER: periodically reload.FILE_WATCHER_OR_SCHEDULER: use a watcher when supported, otherwise fall back to scheduled reloads.- Parameters:
refreshMode- the refresh strategy
-
getRefreshInterval
Interval used for scheduled reloads when the refresh mode uses a scheduler or when file watching is not available and a scheduled fallback is used.- Returns:
- the refresh interval
-
setRefreshInterval
Interval used for scheduled reloads when the refresh mode uses a scheduler or when file watching is not available and a scheduled fallback is used.- Parameters:
refreshInterval- the refresh interval
-
getName
-
getFormat
Explicit format of the certificate material. If not set, Micronaut will first try to load the file as a key store (JKS/PKCS12) and, if that fails, as PEM. A separatecertificatePathcan only be used with PEM.- Returns:
- the certificate file format or
nullto auto-detect
-
setFormat
Explicit format of the certificate material. If not set, Micronaut will first try to load the file as a key store (JKS/PKCS12) and, if that fails, as PEM. A separatecertificatePathcan only be used with PEM.- Parameters:
format- the certificate file format ornullto auto-detect
-
getPassword
Password used to open the key store (JKS/PKCS12) or decrypt PEM private keys, if required.- Returns:
- the password or
nullif not required
-
setPassword
Password used to open the key store (JKS/PKCS12) or decrypt PEM private keys, if required.- Parameters:
password- the password ornullif not required
-