Package org.apache.pinot.common.utils
Class TlsUtils
- java.lang.Object
-
- org.apache.pinot.common.utils.TlsUtils
-
public final class TlsUtils extends Object
Utility class for shared TLS configuration logic
-
-
Method Summary
| Modifier and Type | Method | Description |
| --- | --- | --- |
| static io.netty.handler.ssl.SslContext | buildClientContext(TlsConfig tlsConfig) | Builds client side SslContext based on a given TlsConfig. |
| static io.netty.handler.ssl.SslContext | buildServerContext(TlsConfig tlsConfig) | Builds server side SslContext based on a given TlsConfig. |
| static KeyManagerFactory | createKeyManagerFactory(String keyStorePath, String keyStorePassword, String keyStoreType) | Create a KeyManagerFactory instance for a given path and key password |
| static KeyManagerFactory | createKeyManagerFactory(TlsConfig tlsConfig) | Create a KeyManagerFactory instance for a given TlsConfig |
| static TrustManagerFactory | createTrustManagerFactory(String trustStorePath, String trustStorePassword, String trustStoreType) | Create a TrustManagerFactory instance from a given path and key password |
| static TrustManagerFactory | createTrustManagerFactory(TlsConfig tlsConfig) | Create a TrustManagerFactory instance from a given TlsConfig. |
| static TlsConfig | extractTlsConfig(PinotConfiguration pinotConfig, String namespace) | Extract a TlsConfig instance from a namespaced set of configuration keys. |
| static TlsConfig | extractTlsConfig(PinotConfiguration pinotConfig, String namespace, TlsConfig defaultConfig) | Extract a TlsConfig instance from a namespaced set of configuration keys, based on a default config |
| static SSLContext | getSslContext() | Get the SSL context, see: TlsUtils.SSLContextHolder for more details. |
| static void | installDefaultSSLSocketFactory(String keyStoreType, String keyStorePath, String keyStorePassword, String trustStoreType, String trustStorePath, String trustStorePassword) | Installs a default TLS socket factory for all HttpsURLConnection instances based on a given set of key and trust store paths and passwords |
| static void | installDefaultSSLSocketFactory(TlsConfig tlsConfig) | Installs a default TLS socket factory for all HttpsURLConnection instances based on a given TlsConfig (1 or 2-way) |
| static URL | makeKeyStoreUrl(String storePath) | |
| static void | setSslContext(SSLContext sslContext) | Set the SSL context, see: TlsUtils.SSLContextHolder for more details. |
-
-
-
Method Detail
-
extractTlsConfig
public static TlsConfig extractTlsConfig(PinotConfiguration pinotConfig, String namespace)
Extract a TlsConfig instance from a namespaced set of configuration keys.
- Parameters:
pinotConfig - pinot configuration
namespace - namespace prefix
- Returns:
TlsConfig instance
-
extractTlsConfig
public static TlsConfig extractTlsConfig(PinotConfiguration pinotConfig, String namespace, TlsConfig defaultConfig)
Extract a TlsConfig instance from a namespaced set of configuration keys, based on a default config
- Parameters:
pinotConfig - pinot configuration
namespace - namespace prefix
defaultConfig - TLS config defaults
- Returns:
TlsConfig instance
-
createKeyManagerFactory
public static KeyManagerFactory createKeyManagerFactory(TlsConfig tlsConfig)
Create a KeyManagerFactory instance for a given TlsConfig
- Parameters:
tlsConfig - TLS config
- Returns:
KeyManagerFactory
-
createKeyManagerFactory
public static KeyManagerFactory createKeyManagerFactory(String keyStorePath, String keyStorePassword, String keyStoreType)
Create a KeyManagerFactory instance for a given path and key password
- Parameters:
keyStorePath - store path
keyStorePassword - password
keyStoreType - keystore type for keystore
- Returns:
KeyManagerFactory
-
createTrustManagerFactory
public static TrustManagerFactory createTrustManagerFactory(TlsConfig tlsConfig)
Create a TrustManagerFactory instance from a given TlsConfig.
- Parameters:
tlsConfig - TLS config
- Returns:
TrustManagerFactory
-
createTrustManagerFactory
public static TrustManagerFactory createTrustManagerFactory(String trustStorePath, String trustStorePassword, String trustStoreType)
Create a TrustManagerFactory instance from a given path and key password
- Parameters:
trustStorePath - store path
trustStorePassword - password
trustStoreType - keystore type for truststore
- Returns:
TrustManagerFactory
-
installDefaultSSLSocketFactory
public static void installDefaultSSLSocketFactory(TlsConfig tlsConfig)
Installs a default TLS socket factory for all HttpsURLConnection instances based on a given TlsConfig (1 or 2-way)
- Parameters:
tlsConfig - TLS config
-
installDefaultSSLSocketFactory
public static void installDefaultSSLSocketFactory(String keyStoreType, String keyStorePath, String keyStorePassword, String trustStoreType, String trustStorePath, String trustStorePassword)
Installs a default TLS socket factory for all HttpsURLConnection instances based on a given set of key and trust store paths and passwords
- Parameters:
keyStoreType - keystore type for keystore
keyStorePath - key store path
keyStorePassword - key password
trustStoreType - keystore type for truststore
trustStorePath - trust store path
trustStorePassword - trust password
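What installing a JVM-wide default socket factory from a key store and a trust store involves, sketched with standard JSSE calls only. This is an added example, not Pinot's implementation of TlsUtils: the class and helper names, the store paths and the passwords are constructed placeholders, and treating a null key store path as 1-way TLS is an assumption.

```java
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

// Hypothetical sketch class; uses JDK APIs only, no Pinot classes.
public class DefaultTlsFactorySketch {

  // Load a key or trust store of the given type (e.g. "PKCS12", "JKS") from a local file.
  static KeyStore load(String type, String path, char[] password) throws Exception {
    KeyStore store = KeyStore.getInstance(type);
    try (InputStream in = Files.newInputStream(Paths.get(path))) {
      store.load(in, password); // also verifies store integrity when a password is given
    }
    return store;
  }

  static SSLContext build(String keyStoreType, String keyStorePath, String keyStorePassword,
      String trustStoreType, String trustStorePath, String trustStorePassword) throws Exception {
    KeyManagerFactory kmf = null;
    if (keyStorePath != null) { // assumption: no key store means 1-way TLS (server auth only)
      char[] keyPw = keyStorePassword.toCharArray();
      kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
      kmf.init(load(keyStoreType, keyStorePath, keyPw), keyPw);
    }
    // Trust anchors come only from the supplied trust store, not the JVM default cacerts.
    TrustManagerFactory tmf =
        TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
    tmf.init(load(trustStoreType, trustStorePath, trustStorePassword.toCharArray()));

    SSLContext ctx = SSLContext.getInstance("TLS");
    ctx.init(kmf == null ? null : kmf.getKeyManagers(), tmf.getTrustManagers(), null);
    return ctx;
  }

  public static void main(String[] args) throws Exception {
    // Constructed sample paths and passwords; replace with real stores.
    SSLContext ctx = build("PKCS12", "/path/to/keystore.p12", "changeit",
        "PKCS12", "/path/to/truststore.p12", "changeit");
    // Process-wide effect: every HttpsURLConnection created afterwards uses this factory.
    HttpsURLConnection.setDefaultSSLSocketFactory(ctx.getSocketFactory());
  }
}
```

Because the default factory is global to the JVM, any library in the same process that opens an HttpsURLConnection will present the same client certificate and trust the same anchors.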
-
makeKeyStoreUrl
public static URL makeKeyStoreUrl(String storePath) throws URISyntaxException, MalformedURLException
-
getSslContext
public static SSLContext getSslContext()
Get the SSL context, see: TlsUtils.SSLContextHolder for more details.
- Returns:
the SSL context.
-
setSslContext
public static void setSslContext(SSLContext sslContext)
Set the SSL context, see: TlsUtils.SSLContextHolder for more details.
- Parameters:
sslContext - the SSL context to be set.
-
buildClientContext
public static io.netty.handler.ssl.SslContext buildClientContext(TlsConfig tlsConfig)
Builds client side SslContext based on a given TlsConfig.
- Parameters:
tlsConfig - TLS config
-
buildServerContext
public static io.netty.handler.ssl.SslContext buildServerContext(TlsConfig tlsConfig)
Builds server side SslContext based on a given TlsConfig.
- Parameters:
tlsConfig - TLS config
-
-