Index
All Classes|All Packages
C
- calculateFingerprint(X509Certificate) - Static method in class org.elasticsearch.common.ssl.SslUtil
- CERTIFICATE - org.elasticsearch.common.ssl.SslVerificationMode
-
Verify the provided certificate against the trust chain, but do not verify the hostname.
- CERTIFICATE - Static variable in class org.elasticsearch.common.ssl.SslConfigurationKeys
-
The path to a PEM formatted file that contains the certificate to be used as part of key management
- CERTIFICATE_AUTHORITIES - Static variable in class org.elasticsearch.common.ssl.SslConfigurationKeys
-
A list of paths to PEM formatted certificates that should be trusted as CAs
- checkClientTrusted(X509Certificate[], String) - Method in class org.elasticsearch.common.ssl.DiagnosticTrustManager
- checkClientTrusted(X509Certificate[], String, Socket) - Method in class org.elasticsearch.common.ssl.DiagnosticTrustManager
- checkClientTrusted(X509Certificate[], String, SSLEngine) - Method in class org.elasticsearch.common.ssl.DiagnosticTrustManager
- checkIssuerTrust(Map<String, List<X509Certificate>>, X509Certificate) - Static method in class org.elasticsearch.common.ssl.SslDiagnostics
- checkServerTrusted(X509Certificate[], String) - Method in class org.elasticsearch.common.ssl.DiagnosticTrustManager
- checkServerTrusted(X509Certificate[], String, Socket) - Method in class org.elasticsearch.common.ssl.DiagnosticTrustManager
- checkServerTrusted(X509Certificate[], String, SSLEngine) - Method in class org.elasticsearch.common.ssl.DiagnosticTrustManager
- CIPHERS - Static variable in class org.elasticsearch.common.ssl.SslConfigurationKeys
-
The SSL/TLS cipher suites that should be used
- CLIENT - org.elasticsearch.common.ssl.SslDiagnostics.PeerType
- CLIENT_AUTH - Static variable in class org.elasticsearch.common.ssl.SslConfigurationKeys
-
When operating as a server, whether to request/require client certificates
- configure(SSLParameters) - Method in enum org.elasticsearch.common.ssl.SslClientAuthenticationMode
-
Configure client authentication of the provided
SSLParameters - createKeyManager() - Method in class org.elasticsearch.common.ssl.PemKeyConfig
- createKeyManager() - Method in interface org.elasticsearch.common.ssl.SslKeyConfig
- createKeyManager() - Method in class org.elasticsearch.common.ssl.StoreKeyConfig
- createSslContext() - Method in class org.elasticsearch.common.ssl.SslConfiguration
-
Dynamically create a new SSL context based on the current state of the configuration.
- createTrustManager() - Method in class org.elasticsearch.common.ssl.PemTrustConfig
- createTrustManager() - Method in interface org.elasticsearch.common.ssl.SslTrustConfig
D
- describeValidHostnames(X509Certificate) - Static method in class org.elasticsearch.common.ssl.SslDiagnostics
- DiagnosticTrustManager - Class in org.elasticsearch.common.ssl
- DiagnosticTrustManager(X509ExtendedTrustManager, Supplier<String>, DiagnosticTrustManager.DiagnosticLogger) - Constructor for class org.elasticsearch.common.ssl.DiagnosticTrustManager
- DiagnosticTrustManager.DiagnosticLogger - Interface in org.elasticsearch.common.ssl
-
This interface exists because the ssl-config library does not depend on log4j, however the whole purpose of this class is to log diagnostic messages, so it must be provided with a function by which it can do that.
E
- enabled() - Method in enum org.elasticsearch.common.ssl.SslClientAuthenticationMode
- equals(Object) - Method in class org.elasticsearch.common.ssl.PemKeyConfig
- equals(Object) - Method in class org.elasticsearch.common.ssl.PemTrustConfig
- equals(Object) - Method in class org.elasticsearch.common.ssl.SslConfiguration
F
- FULL - org.elasticsearch.common.ssl.SslVerificationMode
-
Verify the provided certificate against the trust chain, and also verify that the hostname to which this client is connected matches one of the Subject-Alternative-Names in the certificate.
G
- getAcceptedIssuers() - Method in class org.elasticsearch.common.ssl.DiagnosticTrustManager
- getCipherSuites() - Method in class org.elasticsearch.common.ssl.SslConfiguration
- getClientAuth() - Method in class org.elasticsearch.common.ssl.SslConfiguration
- getDependentFiles() - Method in class org.elasticsearch.common.ssl.PemKeyConfig
- getDependentFiles() - Method in class org.elasticsearch.common.ssl.PemTrustConfig
- getDependentFiles() - Method in class org.elasticsearch.common.ssl.SslConfiguration
- getDependentFiles() - Method in interface org.elasticsearch.common.ssl.SslKeyConfig
- getDependentFiles() - Method in interface org.elasticsearch.common.ssl.SslTrustConfig
- getDependentFiles() - Method in class org.elasticsearch.common.ssl.StoreKeyConfig
- getKeyConfig() - Method in class org.elasticsearch.common.ssl.SslConfiguration
- getListKeys() - Static method in class org.elasticsearch.common.ssl.SslConfigurationKeys
-
The list of keys that are used to load a non-secure, list setting
- getSecureSetting(String) - Method in class org.elasticsearch.common.ssl.SslConfigurationLoader
-
Clients of this class should implement this method to load a fully-qualified key from the preferred secure settings source.
- getSecureStringKeys() - Static method in class org.elasticsearch.common.ssl.SslConfigurationKeys
-
The list of keys that are used to load a secure setting (such as a password) that would typically be stored in the elasticsearch keystore.
- getSettingAsList(String) - Method in class org.elasticsearch.common.ssl.SslConfigurationLoader
-
Clients of this class should implement this method to load a fully-qualified key from the preferred settings source.
- getSettingAsString(String) - Method in class org.elasticsearch.common.ssl.SslConfigurationLoader
-
Clients of this class should implement this method to load a fully-qualified key from the preferred settings source.
- getStringKeys() - Static method in class org.elasticsearch.common.ssl.SslConfigurationKeys
-
The list of keys that are used to load a non-secure, non-list setting
- getSupportedProtocols() - Method in class org.elasticsearch.common.ssl.SslConfiguration
- getTrustConfig() - Method in class org.elasticsearch.common.ssl.SslConfiguration
- getTrustDiagnosticFailure(X509Certificate[], SslDiagnostics.PeerType, SSLSession, String, Map<String, List<X509Certificate>>) - Static method in class org.elasticsearch.common.ssl.SslDiagnostics
- getVerificationMode() - Method in class org.elasticsearch.common.ssl.SslConfiguration
H
- hashCode() - Method in class org.elasticsearch.common.ssl.PemKeyConfig
- hashCode() - Method in class org.elasticsearch.common.ssl.PemTrustConfig
- hashCode() - Method in class org.elasticsearch.common.ssl.SslConfiguration
I
- isCertificateVerificationEnabled() - Method in enum org.elasticsearch.common.ssl.SslVerificationMode
- isDeprecated(String) - Static method in class org.elasticsearch.common.ssl.SslConfigurationKeys
- isHostnameVerificationEnabled() - Method in enum org.elasticsearch.common.ssl.SslVerificationMode
K
- KEY - Static variable in class org.elasticsearch.common.ssl.SslConfigurationKeys
-
The path to a PEM formatted file that contains the private key for the configured
SslConfigurationKeys.CERTIFICATE. - KEY_LEGACY_PASSPHRASE - Static variable in class org.elasticsearch.common.ssl.SslConfigurationKeys
-
The password to read the configured
SslConfigurationKeys.KEY, as a non-secure setting. - KEY_SECURE_PASSPHRASE - Static variable in class org.elasticsearch.common.ssl.SslConfigurationKeys
-
The password to read the configured
SslConfigurationKeys.KEY, as a secure setting. - KEYSTORE_ALGORITHM - Static variable in class org.elasticsearch.common.ssl.SslConfigurationKeys
-
The
key management algorithmto use when connstructing a Key manager from akeystore. - KEYSTORE_LEGACY_KEY_PASSWORD - Static variable in class org.elasticsearch.common.ssl.SslConfigurationKeys
-
The password for the key within the
configured keystore, as a non-secure setting. - KEYSTORE_LEGACY_PASSWORD - Static variable in class org.elasticsearch.common.ssl.SslConfigurationKeys
-
The password for the file configured in
SslConfigurationKeys.KEYSTORE_PATH, as a non-secure setting. - KEYSTORE_PATH - Static variable in class org.elasticsearch.common.ssl.SslConfigurationKeys
-
The path to a KeyStore file (in a format supported by this JRE) that should be used for key management
- KEYSTORE_SECURE_KEY_PASSWORD - Static variable in class org.elasticsearch.common.ssl.SslConfigurationKeys
-
The password for the key within the
configured keystore, as a secure setting. - KEYSTORE_SECURE_PASSWORD - Static variable in class org.elasticsearch.common.ssl.SslConfigurationKeys
-
The password for the file configured in
SslConfigurationKeys.KEYSTORE_PATH, as a secure setting. - KEYSTORE_TYPE - Static variable in class org.elasticsearch.common.ssl.SslConfigurationKeys
-
The
keystore typefor the file configured inSslConfigurationKeys.KEYSTORE_PATH.
L
- load(Path) - Method in class org.elasticsearch.common.ssl.SslConfigurationLoader
-
Resolve all necessary configuration settings, and load a
SslConfiguration.
N
- NONE - org.elasticsearch.common.ssl.SslClientAuthenticationMode
-
Never request a client certificate.
- NONE - org.elasticsearch.common.ssl.SslVerificationMode
-
Verify neither the hostname, nor the provided certificate.
O
- OPTIONAL - org.elasticsearch.common.ssl.SslClientAuthenticationMode
-
Request a client certificate, but do not enforce that one is provided.
- org.elasticsearch.common.ssl - package org.elasticsearch.common.ssl
P
- parse(String) - Static method in enum org.elasticsearch.common.ssl.SslClientAuthenticationMode
- parse(String) - Static method in enum org.elasticsearch.common.ssl.SslVerificationMode
- PemKeyConfig - Class in org.elasticsearch.common.ssl
-
A
SslKeyConfigthat reads from PEM formatted paths. - PemKeyConfig(Path, Path, char[]) - Constructor for class org.elasticsearch.common.ssl.PemKeyConfig
- PemTrustConfig - Class in org.elasticsearch.common.ssl
-
A
SslTrustConfigthat reads a list of PEM encoded trusted certificates (CAs) from the file system. - PemTrustConfig(List<Path>) - Constructor for class org.elasticsearch.common.ssl.PemTrustConfig
-
Construct a new trust config for the provided paths.
- PemUtils - Class in org.elasticsearch.common.ssl
- PROTOCOLS - Static variable in class org.elasticsearch.common.ssl.SslConfigurationKeys
-
The SSL/TLS protocols (i.e.
R
- readCertificates(Collection<Path>) - Static method in class org.elasticsearch.common.ssl.PemUtils
- readPrivateKey(Path, Supplier<char[]>) - Static method in class org.elasticsearch.common.ssl.PemUtils
-
Creates a
PrivateKeyfrom the contents of a file. - REQUIRED - org.elasticsearch.common.ssl.SslClientAuthenticationMode
-
Request and require a client certificate.
S
- SERVER - org.elasticsearch.common.ssl.SslDiagnostics.PeerType
- setDefaultCiphers(List<String>) - Method in class org.elasticsearch.common.ssl.SslConfigurationLoader
-
Change the default supported ciphers.
- setDefaultClientAuth(SslClientAuthenticationMode) - Method in class org.elasticsearch.common.ssl.SslConfigurationLoader
-
Change the default client authentication mode.
- setDefaultKeyConfig(SslKeyConfig) - Method in class org.elasticsearch.common.ssl.SslConfigurationLoader
-
Change the default key config.
- setDefaultProtocols(List<String>) - Method in class org.elasticsearch.common.ssl.SslConfigurationLoader
-
Change the default SSL/TLS protocol list.
- setDefaultTrustConfig(SslTrustConfig) - Method in class org.elasticsearch.common.ssl.SslConfigurationLoader
-
Change the default trust config.
- setDefaultVerificationMode(SslVerificationMode) - Method in class org.elasticsearch.common.ssl.SslConfigurationLoader
-
Change the default verification mode.
- SslClientAuthenticationMode - Enum in org.elasticsearch.common.ssl
-
The client authentication mode that is used for SSL servers.
- SslConfigException - Exception in org.elasticsearch.common.ssl
-
A base exception for problems that occur while trying to configure SSL.
- SslConfigException(String) - Constructor for exception org.elasticsearch.common.ssl.SslConfigException
- SslConfigException(String, Exception) - Constructor for exception org.elasticsearch.common.ssl.SslConfigException
- SslConfiguration - Class in org.elasticsearch.common.ssl
-
A object encapsulating all necessary configuration for an SSL context (client or server).
- SslConfiguration(SslTrustConfig, SslKeyConfig, SslVerificationMode, SslClientAuthenticationMode, List<String>, List<String>) - Constructor for class org.elasticsearch.common.ssl.SslConfiguration
- SslConfigurationKeys - Class in org.elasticsearch.common.ssl
-
Utility class for handling the standard setting keys for use in SSL configuration.
- SslConfigurationLoader - Class in org.elasticsearch.common.ssl
-
Loads
SslConfigurationfrom settings. - SslConfigurationLoader(String) - Constructor for class org.elasticsearch.common.ssl.SslConfigurationLoader
-
Construct a new loader with the "standard" default values.
- SslDiagnostics - Class in org.elasticsearch.common.ssl
- SslDiagnostics() - Constructor for class org.elasticsearch.common.ssl.SslDiagnostics
- SslDiagnostics.PeerType - Enum in org.elasticsearch.common.ssl
- SslKeyConfig - Interface in org.elasticsearch.common.ssl
-
An interface for building a key manager at runtime.
- SslTrustConfig - Interface in org.elasticsearch.common.ssl
-
An interface for building a trust manager at runtime.
- SslUtil - Class in org.elasticsearch.common.ssl
- SslVerificationMode - Enum in org.elasticsearch.common.ssl
-
Represents the verification mode to be used for SSL connections.
- StoreKeyConfig - Class in org.elasticsearch.common.ssl
-
A
SslKeyConfigthat builds a Key Manager from a keystore file.
T
- toString() - Method in class org.elasticsearch.common.ssl.PemKeyConfig
- toString() - Method in class org.elasticsearch.common.ssl.PemTrustConfig
- toString() - Method in class org.elasticsearch.common.ssl.SslConfiguration
- TRUSTSTORE_ALGORITHM - Static variable in class org.elasticsearch.common.ssl.SslConfigurationKeys
-
The
trust management algorithmto use when configuring trust with atruststore. - TRUSTSTORE_LEGACY_PASSWORD - Static variable in class org.elasticsearch.common.ssl.SslConfigurationKeys
-
The password for the file configured in
SslConfigurationKeys.TRUSTSTORE_PATH, as a non-secure setting. - TRUSTSTORE_PATH - Static variable in class org.elasticsearch.common.ssl.SslConfigurationKeys
-
The path to a KeyStore file (in a format supported by this JRE) that should be used as a trust-store
- TRUSTSTORE_SECURE_PASSWORD - Static variable in class org.elasticsearch.common.ssl.SslConfigurationKeys
-
The password for the file configured in
SslConfigurationKeys.TRUSTSTORE_PATH, as a secure setting. - TRUSTSTORE_TYPE - Static variable in class org.elasticsearch.common.ssl.SslConfigurationKeys
-
The
keystore typefor the file configured inSslConfigurationKeys.TRUSTSTORE_PATH.
V
- valueOf(String) - Static method in enum org.elasticsearch.common.ssl.SslClientAuthenticationMode
-
Returns the enum constant of this type with the specified name.
- valueOf(String) - Static method in enum org.elasticsearch.common.ssl.SslDiagnostics.PeerType
-
Returns the enum constant of this type with the specified name.
- valueOf(String) - Static method in enum org.elasticsearch.common.ssl.SslVerificationMode
-
Returns the enum constant of this type with the specified name.
- values() - Static method in enum org.elasticsearch.common.ssl.SslClientAuthenticationMode
-
Returns an array containing the constants of this enum type, in the order they are declared.
- values() - Static method in enum org.elasticsearch.common.ssl.SslDiagnostics.PeerType
-
Returns an array containing the constants of this enum type, in the order they are declared.
- values() - Static method in enum org.elasticsearch.common.ssl.SslVerificationMode
-
Returns an array containing the constants of this enum type, in the order they are declared.
- VERIFICATION_MODE - Static variable in class org.elasticsearch.common.ssl.SslConfigurationKeys
-
Whether certificate and/or hostname verification should be used
W
- warning(String, GeneralSecurityException) - Method in interface org.elasticsearch.common.ssl.DiagnosticTrustManager.DiagnosticLogger
All Classes|All Packages