Module lettuce.core
Package io.lettuce.core

Class SslOptions.Builder

java.lang.Object
io.lettuce.core.SslOptions.Builder
Enclosing class:
SslOptions
public static class SslOptions.Builder
extends Object
Builder for SslOptions.

  • Method Details

    • cipherSuites

      public SslOptions.Builder cipherSuites​(String... cipherSuites)
      Sets the cipher suites to use.
      Parameters:
      cipherSuites - cipher suites to use.
      Returns:
      this
      Since:
      5.3

    • jdkSslProvider

      public SslOptions.Builder jdkSslProvider()
      Use the JDK SSL provider for SSL connections.
      Returns:
      this

    • openSslProvider

      public SslOptions.Builder openSslProvider()
      Use the OpenSSL provider for SSL connections. The OpenSSL provider requires the netty-tcnative dependency with the OpenSSL JNI binary.
      Returns:
      this
      Throws:
      IllegalStateException - if OpenSSL is not available

    • handshakeTimeout

      public SslOptions.Builder handshakeTimeout​(Duration timeout)
      Sets a timeout for the SSL handshake.
      Parameters:
      timeout - Duration.
      Returns:
      this
      Since:
      5.3.2

    • keyStoreType

      public SslOptions.Builder keyStoreType​(String keyStoreType)
      Sets the KeyStore type. Defaults to KeyStore.getDefaultType() if not set.
      Parameters:
      keyStoreType - the keystore type to use, must not be null.
      Returns:
      this
      Since:
      5.3

    • keystore

      public SslOptions.Builder keystore​(File keystore)
      Sets the Keystore file to load client certificates. The key store file must be supported by KeyStore which is KeyStore.getDefaultType() by default. The keystore is reloaded on each connection attempt that allows to replace certificates during runtime.
      Parameters:
      keystore - the keystore file, must not be null.
      Returns:
      this
      Since:
      4.4

    • keystore

      public SslOptions.Builder keystore​(File keystore, char[] keystorePassword)
      Sets the Keystore file to load client certificates. The keystore file must be supported by KeyStore which is KeyStore.getDefaultType() by default. The keystore is reloaded on each connection attempt that allows to replace certificates during runtime.
      Parameters:
      keystore - the keystore file, must not be null.
      keystorePassword - the keystore password. May be empty to omit password and the keystore integrity check.
      Returns:
      this
      Since:
      4.4

    • keystore

      public SslOptions.Builder keystore​(URL keystore)
      Sets the Keystore resource to load client certificates. The keystore file must be supported by KeyStore which is KeyStore.getDefaultType() by default. The keystore is reloaded on each connection attempt that allows to replace certificates during runtime.
      Parameters:
      keystore - the keystore URL, must not be null.
      Returns:
      this
      Since:
      4.4

    • keystore

      public SslOptions.Builder keystore​(URL keystore, char[] keystorePassword)
      Sets the Keystore resource to load client certificates. The keystore file must be supported by KeyStore which is KeyStore.getDefaultType() by default. The keystore is reloaded on each connection attempt that allows to replace certificates during runtime.
      Parameters:
      keystore - the keystore file, must not be null.
      Returns:
      this
      Since:
      4.4

    • keyManager

      public SslOptions.Builder keyManager​(File keyCertChainFile, File keyFile, char[] keyPassword)
      Sets the key file and its certificate to use for client authentication. The key is reloaded on each connection attempt that allows to replace certificates during runtime.
      Parameters:
      keyCertChainFile - an X.509 certificate chain file in PEM format.
      keyFile - a PKCS#8 private key file in PEM format.
      keyPassword - the password of the keyFile, or null if it's not password-protected.
      Returns:
      this
      Since:
      5.3

    • keyManager

      public SslOptions.Builder keyManager​(SslOptions.Resource keyCertChain, SslOptions.Resource key, char[] keyPassword)
      Sets the key and its certificate to use for client authentication. The key is reloaded on each connection attempt that allows to replace certificates during runtime.
      Parameters:
      keyCertChain - an SslOptions.Resource for a X.509 certificate chain in PEM format.
      key - an SslOptions.Resource for a PKCS#8 private key in PEM format.
      keyPassword - the password of the keyFile, or null if it's not password-protected.
      Returns:
      this
      Since:
      5.3
      See Also:
      SslOptions.Resource

    • keyManager

      public SslOptions.Builder keyManager​(KeyManagerFactory keyManagerFactory)
      Sets the KeyManagerFactory.
      Parameters:
      keyManagerFactory - the KeyManagerFactory to use.
      Returns:
      this
      Since:
      5.3

    • keystore

      public SslOptions.Builder keystore​(SslOptions.Resource resource, char[] keystorePassword)
      Sets the Java Keystore resource to load client certificates. The keystore file must be supported by KeyStore which is KeyStore.getDefaultType() by default. The keystore is reloaded on each connection attempt that allows to replace certificates during runtime.
      Parameters:
      resource - the provider that opens a InputStream to the keystore file, must not be null.
      keystorePassword - the keystore password. May be empty to omit password and the keystore integrity check.
      Returns:
      this
      Since:
      5.3

    • protocols

      public SslOptions.Builder protocols​(String... protocols)
      Sets the protocol used for the connection established to Redis Server, such as TLSv1.2, TLSv1.1, TLSv1.
      Parameters:
      protocols - list of desired protocols to use.
      Returns:
      this
      Since:
      5.3

    • truststore

      public SslOptions.Builder truststore​(File truststore)
      Sets the Truststore file to load trusted certificates. The truststore file must be supported by KeyStore which is KeyStore.getDefaultType() by default. The truststore is reloaded on each connection attempt that allows to replace certificates during runtime.
      Parameters:
      truststore - the truststore file, must not be null.
      Returns:
      this

    • truststore

      public SslOptions.Builder truststore​(File truststore, String truststorePassword)
      Sets the Truststore file to load trusted certificates. The truststore file must be supported by KeyStore which is KeyStore.getDefaultType() by default. The truststore is reloaded on each connection attempt that allows to replace certificates during runtime.
      Parameters:
      truststore - the truststore file, must not be null.
      truststorePassword - the truststore password. May be empty to omit password and the truststore integrity check.
      Returns:
      this

    • truststore

      public SslOptions.Builder truststore​(URL truststore)
      Sets the Truststore resource to load trusted certificates. The truststore resource must be supported by KeyStore which is KeyStore.getDefaultType() by default. The truststore is reloaded on each connection attempt that allows to replace certificates during runtime.
      Parameters:
      truststore - the truststore file, must not be null.
      Returns:
      this

    • truststore

      public SslOptions.Builder truststore​(URL truststore, String truststorePassword)
      Sets the Truststore resource to load trusted certificates. The truststore resource must be supported by KeyStore which is KeyStore.getDefaultType() by default. The truststore is reloaded on each connection attempt that allows to replace certificates during runtime.
      Parameters:
      truststore - the truststore file, must not be null.
      truststorePassword - the truststore password. May be empty to omit password and the truststore integrity check.
      Returns:
      this

    • trustManager

      public SslOptions.Builder trustManager​(File certCollection)
      Sets the certificate file to load trusted certificates. The file must provide X.509 certificates in PEM format. Certificates are reloaded on each connection attempt that allows to replace certificates during runtime.
      Parameters:
      certCollection - the X.509 certificate collection in PEM format.
      Returns:
      this
      Since:
      5.3

    • trustManager

      public SslOptions.Builder trustManager​(SslOptions.Resource certCollection)
      Sets the certificate resource to load trusted certificates. The file must provide X.509 certificates in PEM format. Certificates are reloaded on each connection attempt that allows to replace certificates during runtime.
      Parameters:
      certCollection - the X.509 certificate collection in PEM format.
      Returns:
      this
      Since:
      5.3

    • trustManager

      public SslOptions.Builder trustManager​(TrustManagerFactory trustManagerFactory)
      Sets the TrustManagerFactory.
      Parameters:
      trustManagerFactory - the TrustManagerFactory to use.
      Returns:
      this
      Since:
      5.3

    • truststore

      public SslOptions.Builder truststore​(SslOptions.Resource resource, char[] truststorePassword)
      Sets the Truststore resource to load trusted certificates. The truststore resource must be supported by KeyStore which is KeyStore.getDefaultType() by default. The truststore is reloaded on each connection attempt that allows to replace certificates during runtime.
      Parameters:
      resource - the provider that opens a InputStream to the keystore file, must not be null.
      truststorePassword - the truststore password. May be empty to omit password and the truststore integrity check.
      Returns:
      this

    • sslContext

      public SslOptions.Builder sslContext​(Consumer<SslContextBuilder> contextBuilderCustomizer)
      Applies a SslContextBuilder customizer by calling Consumer.accept(Object)
      Parameters:
      contextBuilderCustomizer - builder callback to customize the SslContextBuilder.
      Returns:
      this
      Since:
      5.3

    • sslParameters

      public SslOptions.Builder sslParameters​(Supplier<SSLParameters> sslParametersSupplier)
      Configures a Supplier to create SSLParameters.
      Parameters:
      sslParametersSupplier - Supplier for SSLParameters.
      Returns:
      this
      Since:
      5.3

    • build

      public SslOptions build()
      Create a new instance of SslOptions
      Returns:
      new instance of SslOptions