Package org.elasticsearch.common.ssl

Class SslConfigurationKeys

java.lang.Object

org.elasticsearch.common.ssl.SslConfigurationKeys

public class SslConfigurationKeys
extends Object

Utility class for handling the standard setting keys for use in SSL configuration.

See Also:

SslConfiguration, SslConfigurationLoader

Field Summary

Fields

Modifier and Type	Field	Description
static String	CERTIFICATE	The path to a PEM formatted file that contains the certificate to be used as part of key management
static String	CERTIFICATE_AUTHORITIES	A list of paths to PEM formatted certificates that should be trusted as CAs
static String	CIPHERS	The SSL/TLS cipher suites that should be used
static String	CLIENT_AUTH	When operating as a server, whether to request/require client certificates
static String	KEY	The path to a PEM formatted file that contains the private key for the configured CERTIFICATE.
static String	KEY_LEGACY_PASSPHRASE	The password to read the configured KEY, as a non-secure setting.
static String	KEY_SECURE_PASSPHRASE	The password to read the configured KEY, as a secure setting.
static String	KEYSTORE_ALGORITHM	The key management algorithm to use when connstructing a Key manager from a keystore.
static String	KEYSTORE_LEGACY_KEY_PASSWORD	The password for the key within the configured keystore, as a non-secure setting.
static String	KEYSTORE_LEGACY_PASSWORD	The password for the file configured in KEYSTORE_PATH, as a non-secure setting.
static String	KEYSTORE_PATH	The path to a KeyStore file (in a format supported by this JRE) that should be used for key management
static String	KEYSTORE_SECURE_KEY_PASSWORD	The password for the key within the configured keystore, as a secure setting.
static String	KEYSTORE_SECURE_PASSWORD	The password for the file configured in KEYSTORE_PATH, as a secure setting.
static String	KEYSTORE_TYPE	The keystore type for the file configured in KEYSTORE_PATH.
static String	PROTOCOLS	The SSL/TLS protocols (i.e.
static String	TRUSTSTORE_ALGORITHM	The trust management algorithm to use when configuring trust with a truststore.
static String	TRUSTSTORE_LEGACY_PASSWORD	The password for the file configured in TRUSTSTORE_PATH, as a non-secure setting.
static String	TRUSTSTORE_PATH	The path to a KeyStore file (in a format supported by this JRE) that should be used as a trust-store
static String	TRUSTSTORE_SECURE_PASSWORD	The password for the file configured in TRUSTSTORE_PATH, as a secure setting.
static String	TRUSTSTORE_TYPE	The keystore type for the file configured in TRUSTSTORE_PATH.
static String	VERIFICATION_MODE	Whether certificate and/or hostname verification should be used

Method Summary

Modifier and Type	Method	Description
static List<String>	getListKeys()	The list of keys that are used to load a non-secure, list setting
static List<String>	getSecureStringKeys()	The list of keys that are used to load a secure setting (such as a password) that would typically be stored in the elasticsearch keystore.
static List<String>	getStringKeys()	The list of keys that are used to load a non-secure, non-list setting
static boolean	isDeprecated(String key)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

PROTOCOLS

public static final String PROTOCOLS

The SSL/TLS protocols (i.e. versions) that should be used

See Also:

Constant Field Values

CIPHERS

public static final String CIPHERS

The SSL/TLS cipher suites that should be used

See Also:

Constant Field Values

VERIFICATION_MODE

public static final String VERIFICATION_MODE

Whether certificate and/or hostname verification should be used

See Also:

Constant Field Values

CLIENT_AUTH

public static final String CLIENT_AUTH

When operating as a server, whether to request/require client certificates

See Also:

Constant Field Values

CERTIFICATE_AUTHORITIES

public static final String CERTIFICATE_AUTHORITIES

A list of paths to PEM formatted certificates that should be trusted as CAs

See Also:

Constant Field Values

TRUSTSTORE_PATH

public static final String TRUSTSTORE_PATH

The path to a KeyStore file (in a format supported by this JRE) that should be used as a trust-store

See Also:

Constant Field Values

TRUSTSTORE_SECURE_PASSWORD

public static final String TRUSTSTORE_SECURE_PASSWORD

The password for the file configured in TRUSTSTORE_PATH, as a secure setting.

See Also:

Constant Field Values

TRUSTSTORE_LEGACY_PASSWORD

public static final String TRUSTSTORE_LEGACY_PASSWORD

The password for the file configured in TRUSTSTORE_PATH, as a non-secure setting. The use of this setting is deprecated.

See Also:

Constant Field Values

TRUSTSTORE_TYPE

public static final String TRUSTSTORE_TYPE

The keystore type for the file configured in TRUSTSTORE_PATH.

See Also:

Constant Field Values

TRUSTSTORE_ALGORITHM

public static final String TRUSTSTORE_ALGORITHM

The trust management algorithm to use when configuring trust with a truststore.

See Also:

Constant Field Values

KEYSTORE_PATH

public static final String KEYSTORE_PATH

The path to a KeyStore file (in a format supported by this JRE) that should be used for key management

See Also:

Constant Field Values

KEYSTORE_SECURE_PASSWORD

public static final String KEYSTORE_SECURE_PASSWORD

The password for the file configured in KEYSTORE_PATH, as a secure setting.

See Also:

Constant Field Values

KEYSTORE_LEGACY_PASSWORD

public static final String KEYSTORE_LEGACY_PASSWORD

The password for the file configured in KEYSTORE_PATH, as a non-secure setting. The use of this setting is deprecated.

See Also:

Constant Field Values

KEYSTORE_SECURE_KEY_PASSWORD

public static final String KEYSTORE_SECURE_KEY_PASSWORD

The password for the key within the configured keystore, as a secure setting. If no key password is specified, it will default to the keystore password.

See Also:

Constant Field Values

KEYSTORE_LEGACY_KEY_PASSWORD

public static final String KEYSTORE_LEGACY_KEY_PASSWORD

The password for the key within the configured keystore, as a non-secure setting. The use of this setting is deprecated. If no key password is specified, it will default to the keystore password.

See Also:

Constant Field Values

KEYSTORE_TYPE

public static final String KEYSTORE_TYPE

The keystore type for the file configured in KEYSTORE_PATH.

See Also:

Constant Field Values

KEYSTORE_ALGORITHM

public static final String KEYSTORE_ALGORITHM

The key management algorithm to use when connstructing a Key manager from a keystore.

See Also:

Constant Field Values

CERTIFICATE

public static final String CERTIFICATE

The path to a PEM formatted file that contains the certificate to be used as part of key management

See Also:

Constant Field Values

KEY

public static final String KEY

The path to a PEM formatted file that contains the private key for the configured CERTIFICATE.

See Also:

Constant Field Values

KEY_SECURE_PASSPHRASE

public static final String KEY_SECURE_PASSPHRASE

The password to read the configured KEY, as a secure setting. This (or the legacy fallback) is required if the key file is encrypted.

See Also:

Constant Field Values

KEY_LEGACY_PASSPHRASE

public static final String KEY_LEGACY_PASSPHRASE

The password to read the configured KEY, as a non-secure setting. The use of this setting is deprecated.

See Also:

Constant Field Values

Method Details

getStringKeys

public static List<String> getStringKeys()

The list of keys that are used to load a non-secure, non-list setting

getListKeys

public static List<String> getListKeys()

The list of keys that are used to load a non-secure, list setting

getSecureStringKeys

public static List<String> getSecureStringKeys()

The list of keys that are used to load a secure setting (such as a password) that would typically be stored in the elasticsearch keystore.

isDeprecated

public static boolean isDeprecated(String key)

Returns:

true if the provided key is a deprecated setting