Interface CertificateProviderProvider

All Known Implementing Classes:
FileWatcherCertificateProviderProvider

@Internal public interface CertificateProviderProvider
Provider of CertificateProviders. Implemented by the implementer of the plugin. We may move this out of the internal package and make this an official API in the future.
  • Method Details

    • getName

      String getName()
      Returns the unique name of the CertificateProvider plugin.
    • createCertificateProvider

      CertificateProvider createCertificateProvider(Object config, CertificateProvider.DistributorWatcher watcher, boolean notifyCertUpdates)
      Creates a CertificateProvider plugin.
      Parameters:
      config - configuration needed by the Provider to create the CertificateProvider. A form of JSON that the Provider understands e.g. a string or a key-value Map.
      watcher - A CertificateProvider.Watcher to receive updates from the CertificateProvider
      notifyCertUpdates - if true, the provider is required to call the watcher’s updateCertificate method. Implies the Provider is capable of minting certificates. Used by server-side and mTLS client-side. Note the Provider is always required to call updateTrustedRoots to provide trusted-root updates.
      Throws:
      IllegalArgumentException - in case of errors in processing config.
      UnsupportedOperationException - if the plugin is incapable of sending cert updates when notifyCertUpdates is true.