Class CertProviderSslContextProvider
java.lang.Object
io.grpc.xds.internal.security.SslContextProvider
io.grpc.xds.internal.security.DynamicSslContextProvider
io.grpc.xds.internal.security.certprovider.CertProviderSslContextProvider
- All Implemented Interfaces:
CertificateProvider.Watcher
,Closeable
,Closeable
,AutoCloseable
- Direct Known Subclasses:
CertProviderClientSslContextProvider
,CertProviderServerSslContextProvider
abstract class CertProviderSslContextProvider
extends DynamicSslContextProvider
implements CertificateProvider.Watcher
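Base class for CertProviderClientSslContextProvider and CertProviderServerSslContextProvider (the two direct known subclasses). As a CertificateProvider.Watcher, it is notified of private-key/certificate-chain and trusted-root updates through updateCertificate and updateTrustedRoots.
-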
Nested Class Summary
Nested classes/interfaces inherited from class io.grpc.xds.internal.security.SslContextProvider
SslContextProvider.Callback, SslContextProvider.SslContextGetter
-
Field Summary
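Fields

| Modifier and Type | Field | Description |
| --- | --- | --- |
| `private final CertificateProviderStore.Handle` | `certHandle` | |
| `private final CommonTlsContext.CertificateProviderInstance` | `certInstance` | |
| `private final CertificateProviderStore.Handle` | `rootCertHandle` | |
| `private final CommonTlsContext.CertificateProviderInstance` | `rootCertInstance` | |
| `protected List<X509Certificate>` | `savedCertChain` | |
| `protected PrivateKey` | `savedKey` | |
| `protected List<X509Certificate>` | `savedTrustedRoots` | |

Fields inherited from class io.grpc.xds.internal.security.DynamicSslContextProvider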
pendingCallbacks, sslContext, staticCertificateValidationContext
Fields inherited from class io.grpc.xds.internal.security.SslContextProvider
tlsContext
-
Constructor Summary
Constructors

| Modifier | Constructor | Description |
| --- | --- | --- |
| `protected` | `CertProviderSslContextProvider(Node node, Map<String, Bootstrapper.CertificateProviderInfo> certProviders, CommonTlsContext.CertificateProviderInstance certInstance, CommonTlsContext.CertificateProviderInstance rootCertInstance, CertificateValidationContext staticCertValidationContext, EnvoyServerProtoData.BaseTlsContext tlsContext, CertificateProviderStore certificateProviderStore)` | |

-
Method Summary
| Modifier and Type | Method | Description |
| --- | --- | --- |
| `private void` | `clearKeysAndCerts()` | |
| `final void` | `close()` | Closes this provider and releases any resources. |
| `protected final CertificateValidationContext` | `generateCertificateValidationContext` | |
| `private static Bootstrapper.CertificateProviderInfo` | `getCertProviderConfig(Map<String, Bootstrapper.CertificateProviderInfo> certProviders, String pluginInstanceName)` | |
| `protected static CommonTlsContext.CertificateProviderInstance` | `getCertProviderInstance(CommonTlsContext commonTlsContext)` | |
| `protected static CommonTlsContext.CertificateProviderInstance` | `getRootCertProviderInstance(CommonTlsContext commonTlsContext)` | |
| `protected static CertificateValidationContext` | `getStaticValidationContext(CommonTlsContext commonTlsContext)` | |
| `protected final boolean` | `isClientSideTls()` | |
| `protected final boolean` | `isMtls()` | |
| `protected final boolean` | `isServerSideTls()` | |
| `final void` | `updateCertificate(PrivateKey key, List<X509Certificate> certChain)` | |
| `private void` | `updateSslContextWhenReady()` | |
| `final void` | `updateTrustedRoots(List<X509Certificate> trustedRoots)` | |

Methods inherited from class io.grpc.xds.internal.security.DynamicSslContextProvider
addCallback, callPerformCallback, getSslContext, getSslContextBuilder, onError, updateSslContext
Methods inherited from class io.grpc.xds.internal.security.SslContextProvider
getCommonTlsContext, getDownstreamTlsContext, getUpstreamTlsContext, performCallback, setClientAuthValues
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Methods inherited from interface io.grpc.xds.internal.security.certprovider.CertificateProvider.Watcher
onError
-
Field Details
-
certHandle
-
rootCertHandle
-
certInstance
-
rootCertInstance
-
savedKey
-
savedCertChain
-
savedTrustedRoots
-
-
Constructor Details
-
CertProviderSslContextProvider
protected CertProviderSslContextProvider(Node node, @Nullable Map<String, Bootstrapper.CertificateProviderInfo> certProviders, CommonTlsContext.CertificateProviderInstance certInstance, CommonTlsContext.CertificateProviderInstance rootCertInstance, CertificateValidationContext staticCertValidationContext, EnvoyServerProtoData.BaseTlsContext tlsContext, CertificateProviderStore certificateProviderStore)
-
-
Method Details
-
getCertProviderConfig
private static Bootstrapper.CertificateProviderInfo getCertProviderConfig(@Nullable Map<String, Bootstrapper.CertificateProviderInfo> certProviders, String pluginInstanceName)
-
getCertProviderInstance
@Nullable protected static CommonTlsContext.CertificateProviderInstance getCertProviderInstance(CommonTlsContext commonTlsContext)
-
getStaticValidationContext
@Nullable protected static CertificateValidationContext getStaticValidationContext(CommonTlsContext commonTlsContext)
-
getRootCertProviderInstance
@Nullable protected static CommonTlsContext.CertificateProviderInstance getRootCertProviderInstance(CommonTlsContext commonTlsContext)
-
updateCertificate
- Specified by:
updateCertificate
in interface CertificateProvider.Watcher
-
updateTrustedRoots
- Specified by:
updateTrustedRoots
in interface CertificateProvider.Watcher
-
updateSslContextWhenReady
private void updateSslContextWhenReady()
-
clearKeysAndCerts
private void clearKeysAndCerts()
-
isMtls
protected final boolean isMtls()
-
isClientSideTls
protected final boolean isClientSideTls()
-
isServerSideTls
protected final boolean isServerSideTls()
-
generateCertificateValidationContext
- Specified by:
generateCertificateValidationContext
in class DynamicSslContextProvider
-
close
public final void close()
Description copied from class: SslContextProvider
Closes this provider and releases any resources.
- Specified by:
close
in interface AutoCloseable
- Specified by:
close
in interface Closeable
- Specified by:
close
in interface Closeable
- Specified by:
close
in class SslContextProvider
-