Package io.quarkus.tls.runtime.config

Interface KeyStoreConfig

public interface KeyStoreConfig

  • Method Details

    • pem

      Optional<PemKeyCertConfig> pem()
      Configures the PEM key/certificate pair.

    • p12

      Optional<P12KeyStoreConfig> p12()
      Configure the PKCS12 key store.

    • jks

      Optional<JKSKeyStoreConfig> jks()
      Configure the JKS key store.

    • sni

      @WithDefault("false") boolean sni()
      Enables Server Name Indication (SNI).

      Server Name Indication (SNI) is a TLS extension that allows a client to specify the hostname it is attempting to connect to during the TLS handshake. This enables a server to present different SSL certificates for multiple domains on a single IP address, facilitating secure communication for virtual hosting scenarios.

      With this setting enabled, the client indicate the server name during the TLS handshake, allowing the server to select the right certificate.

      When configuring the keystore with PEM files, multiple CRT/Key must be given. When configuring the keystore with a JKS or a P12 file, it selects one alias based on the SNI hostname. In this case, all the keystore password and alias password must be the same (configured with the password and alias-password properties. Do not set the alias property.

    • credentialsProvider

      KeyStoreCredentialProviderConfig credentialsProvider()
      The credential provider configuration for the keys store. A credential provider offers a way to retrieve the key store password and alias password. Note that the credential provider is only used if the password / alias password are not set in the configuration.

    • validate

      default void validate(String name)