Package org.elasticsearch.common.ssl

Class PemTrustConfig

java.lang.Object
org.elasticsearch.common.ssl.PemTrustConfig
All Implemented Interfaces:
SslTrustConfig
public final class PemTrustConfig
extends java.lang.Object
implements SslTrustConfig
A SslTrustConfig that reads a list of PEM encoded trusted certificates (CAs) from the file system. Strictly speaking, this class does not require PEM certificates, and will load any file that can be read by CertificateFactory.generateCertificate(InputStream).

  • Constructor Summary

    Constructors
    Constructor Description
    PemTrustConfig​(java.util.List<java.nio.file.Path> certificateAuthorities)
    Construct a new trust config for the provided paths.

  • Method Summary

    Modifier and Type Method Description
    javax.net.ssl.X509ExtendedTrustManager createTrustManager()  
    boolean equals​(java.lang.Object o)  
    java.util.Collection<java.nio.file.Path> getDependentFiles()  
    int hashCode()  
    java.lang.String toString()  

    Methods inherited from class java.lang.Object

    clone, finalize, getClass, notify, notifyAll, wait, wait, wait

  • Constructor Details

    • PemTrustConfig

      public PemTrustConfig​(java.util.List<java.nio.file.Path> certificateAuthorities)
      Construct a new trust config for the provided paths. The paths are stored as-is, and are not read until createTrustManager() is called. This means that
      1. validation of the file (contents and accessibility) is deferred, and this constructor will not fail on missing of invalid files.
      2. if the contents of the files are modified, then subsequent calls createTrustManager() will return a new trust manager that trust a different set of CAs.

  • Method Details

    • getDependentFiles

      public java.util.Collection<java.nio.file.Path> getDependentFiles()
      Specified by:
      getDependentFiles in interface SslTrustConfig
      Returns:
      A collection of files that are read by this config object. The SslTrustConfig.createTrustManager() method will read these files dynamically, so the behaviour of this trust config may change if any of these files are modified.

    • createTrustManager

      public javax.net.ssl.X509ExtendedTrustManager createTrustManager()
      Specified by:
      createTrustManager in interface SslTrustConfig
      Returns:
      A new X509ExtendedTrustManager.

    • toString

      public java.lang.String toString()
      Overrides:
      toString in class java.lang.Object

    • equals

      public boolean equals​(java.lang.Object o)
      Overrides:
      equals in class java.lang.Object

    • hashCode

      public int hashCode()
      Overrides:
      hashCode in class java.lang.Object