Package org.elasticsearch.common.ssl

Class PemTrustConfig

  • All Implemented Interfaces:
    SslTrustConfig
    public final class PemTrustConfig
extends java.lang.Object
implements SslTrustConfig
    A SslTrustConfig that reads a list of PEM encoded trusted certificates (CAs) from the file system. Strictly speaking, this class does not require PEM certificates, and will load any file that can be read by CertificateFactory.generateCertificate(InputStream).

    • Constructor Summary

      Constructors 
      Constructor Description
      PemTrustConfig​(java.util.List<java.nio.file.Path> certificateAuthorities)
      Construct a new trust config for the provided paths.

    • Method Summary

      Modifier and Type Method Description
      javax.net.ssl.X509ExtendedTrustManager createTrustManager()  
      boolean equals​(java.lang.Object o)  
      java.util.Collection<java.nio.file.Path> getDependentFiles()  
      int hashCode()  
      java.lang.String toString()  

      • Methods inherited from class java.lang.Object

        clone, finalize, getClass, notify, notifyAll, wait, wait, wait

    • Constructor Detail

      • PemTrustConfig

        public PemTrustConfig​(java.util.List<java.nio.file.Path> certificateAuthorities)
        Construct a new trust config for the provided paths. The paths are stored as-is, and are not read until createTrustManager() is called. This means that
        1. validation of the file (contents and accessibility) is deferred, and this constructor will not fail on missing of invalid files.
        2. if the contents of the files are modified, then subsequent calls createTrustManager() will return a new trust manager that trust a different set of CAs.

    • Method Detail

      • getDependentFiles

        public java.util.Collection<java.nio.file.Path> getDependentFiles()
        Specified by:
        getDependentFiles in interface SslTrustConfig
        Returns:
        A collection of files that are read by this config object. The SslTrustConfig.createTrustManager() method will read these files dynamically, so the behaviour of this trust config may change if any of these files are modified.

      • createTrustManager

        public javax.net.ssl.X509ExtendedTrustManager createTrustManager()
        Specified by:
        createTrustManager in interface SslTrustConfig
        Returns:
        A new X509ExtendedTrustManager.

      • toString

        public java.lang.String toString()
        Overrides:
        toString in class java.lang.Object

      • equals

        public boolean equals​(java.lang.Object o)
        Overrides:
        equals in class java.lang.Object

      • hashCode

        public int hashCode()
        Overrides:
        hashCode in class java.lang.Object