Class SslContextAutoLoader

java.lang.Object
io.micronaut.http.netty.SslContextAutoLoader

@Internal public abstract class SslContextAutoLoader extends Object
Automatically loads and refreshes Netty SSL contexts from configured CertificateProviders. Subclasses supply the configuration, transport (TCP vs QUIC), and builder factory. This class subscribes to keystore/truststore publishers and swaps the active SslContextHolder when updates arrive, taking care of Netty reference counting.
Since:
4.10.0
Author:
Jonas Konrad
  • Constructor Details

    • SslContextAutoLoader

      protected SslContextAutoLoader(org.slf4j.Logger log)
      Create a new auto-loader.
      Parameters:
      log - logger used to report initialization failures
  • Method Details

    • takeRetained

      public final @Nullable SslContextHolder takeRetained()
      Obtain the current SSL context holder and retain the underlying Netty contexts.
      Returns:
      the retained holder, or null if no context is currently available
    • clear

      public final void clear()
      Stop watching for updates and release the current SSL context holder. Safe to call multiple times.
    • certificateProviders

      protected abstract @NonNull BeanProvider<CertificateProvider> certificateProviders()
      Access to named CertificateProvider beans used to resolve key/trust material.
      Returns:
      a provider of CertificateProvider beans
    • sslConfiguration

      protected abstract @NonNull SslConfiguration sslConfiguration()
      The SSL configuration used to derive defaults like protocols, ciphers and client auth.
      Returns:
      the SSL configuration
    • quic

      protected abstract boolean quic()
      Whether the target transport is QUIC/HTTP3 (true) or TCP (false).
      Returns:
      true for QUIC, false for TCP
    • createLegacy

      protected abstract @NonNull SslContextHolder createLegacy()
      Create the legacy SSL context holder when no certificate providers are configured. Implementations should read from legacy configuration and build fixed contexts.
      Returns:
      a holder for legacy contexts
    • autoLoad

      public final void autoLoad()
    • autoLoad

      public final void autoLoad(@Nullable String keyName, @Nullable String trustName)
      Start auto-loading using the given provider names.
      Parameters:
      keyName - optional name of the CertificateProvider for the key store
      trustName - optional name of the CertificateProvider for the trust store
    • builder

      protected abstract @NonNull NettySslContextBuilder builder()
      Create a new NettySslContextBuilder in server or client mode depending on the subclass.
      Returns:
      the builder to construct Netty SSL contexts
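
The retain/swap/release lifecycle that the class description, takeRetained() and clear() refer to, sketched as an added stand-alone example (not Micronaut's or Netty's code). HotSwapModel, Holder, swap and tryRetain are hypothetical names; the point is that a rotated-out context is freed only after its last borrower releases it, and that a freed holder is never handed out.

```java
import java.util.concurrent.atomic.AtomicInteger;
import java.util.concurrent.atomic.AtomicReference;
/** Hypothetical stand-alone model; these are not Micronaut's or Netty's classes. */
public class HotSwapModel {
    /** Stand-in for a reference-counted holder of SSL contexts. */
    static final class Holder {
        final String label;
        private final AtomicInteger refCnt = new AtomicInteger(1); // the loader's own reference
        Holder(String label) { this.label = label; }
        /** Retain only while still alive, so a freed holder is never revived. */
        boolean tryRetain() {
            for (;;) {
                int n = refCnt.get();
                if (n == 0) return false;
                if (refCnt.compareAndSet(n, n + 1)) return true;
            }
        }
        void release() {
            if (refCnt.decrementAndGet() == 0) System.out.println("freed " + label);
        }
    }

    private final AtomicReference<Holder> current = new AtomicReference<>();

    /** New key/trust material arrived: publish it, then drop the loader's reference to the old holder. */
    void swap(Holder next) {
        Holder old = current.getAndSet(next);
        if (old != null) old.release();
    }
    /** Same contract as the documented takeRetained(): a retained holder, or null if none. */
    Holder takeRetained() {
        for (;;) {
            Holder h = current.get();
            if (h == null) return null;
            if (h.tryRetain()) return h; // otherwise h was freed by a concurrent swap: re-read
        }
    }
    /** Idempotent, like the documented clear(): a second call finds null and does nothing. */
    void clear() { swap(null); }

    public static void main(String[] args) {
        HotSwapModel loader = new HotSwapModel();
        if (loader.takeRetained() != null) throw new AssertionError(); // nothing loaded yet
        loader.swap(new Holder("cert-v1"));
        Holder inUse = loader.takeRetained();  // a connection borrows v1
        loader.swap(new Holder("cert-v2"));    // rotation: v1 survives because inUse holds it
        inUse.release();                       // borrower done: v1 is freed only now
        loader.clear(); loader.clear();        // first call frees v2, second is a no-op
    }
}
```

Every non-null result of takeRetained() must be paired with exactly one release by the caller; a missed release leaks the old context after rotation, and an extra one frees a context that other connections may still be using.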