Class RotatingKeysSSLEngineProvider

  • All Implemented Interfaces:
    SSLEngineProvider

    public final class RotatingKeysSSLEngineProvider
    extends java.lang.Object
    implements SSLEngineProvider
    Variation on ConfigSSLEngineProvider that will periodically reload the keys and certificates from disk, to facilitate rolling updates of certificates.

    This class is still ApiMayChange because it can likely be further harmonized with the standard ConfigSSLEngineProvider. Also the location and default values of the configuration may change in future versions of Akka.

    This provider does not perform hostname verification, but instead allows checking that the remote certificate has a subject name that matches the subject name of the configured certificate.

    • Constructor Detail

      • RotatingKeysSSLEngineProvider

        public RotatingKeysSSLEngineProvider​(com.typesafe.config.Config config,
                                             MarkerLoggingAdapter log)
      • RotatingKeysSSLEngineProvider

        public RotatingKeysSSLEngineProvider​(ActorSystem system)
    • Method Detail

      • config

        public com.typesafe.config.Config config()
      • getSSLContext

        public javax.net.ssl.SSLContext getSSLContext()
        INTERNAL API
      • verifyClientSession

        public scala.Option<java.lang.Throwable> verifyClientSession​(java.lang.String hostname,
                                                                     javax.net.ssl.SSLSession session)
        Description copied from interface: SSLEngineProvider
        Verification that will be called after every successful handshake to verify additional session information. Return None if valid otherwise Some with explaining cause.
        Specified by:
        verifyClientSession in interface SSLEngineProvider
      • verifyServerSession

        public scala.Option<java.lang.Throwable> verifyServerSession​(java.lang.String hostname,
                                                                     javax.net.ssl.SSLSession session)
        Description copied from interface: SSLEngineProvider
        Verification that will be called after every successful handshake to verify additional session information. Return None if valid otherwise Some with explaining cause.
        Specified by:
        verifyServerSession in interface SSLEngineProvider