Package io.grpc

Class TlsChannelCredentials.Builder

java.lang.Object
io.grpc.TlsChannelCredentials.Builder
Enclosing class:
TlsChannelCredentials
public static final class TlsChannelCredentials.Builder extends Object
Builder for TlsChannelCredentials.

  • Method Details

    • requireFakeFeature

      public TlsChannelCredentials.Builder requireFakeFeature()
      Requires TlsChannelCredentials.Feature.FAKE to be understood. For use in testing consumers of this credential.

    • keyManager

      public TlsChannelCredentials.Builder keyManager(File certChain, File privateKey) throws IOException
      Use the provided certificate chain and private key as the client's identity. Generally they should be PEM-encoded and the key is an unencrypted PKCS#8 key (file headers have "BEGIN CERTIFICATE" and "BEGIN PRIVATE KEY").
      Throws:
      IOException

    • keyManager

      public TlsChannelCredentials.Builder keyManager(File certChain, File privateKey, String privateKeyPassword) throws IOException
      Use the provided certificate chain and possibly-encrypted private key as the client's identity. Generally they should be PEM-encoded and the key is a PKCS#8 key. If the private key is unencrypted, then password must be null.
      Throws:
      IOException

    • keyManager

      public TlsChannelCredentials.Builder keyManager(InputStream certChain, InputStream privateKey) throws IOException
      Use the provided certificate chain and private key as the client's identity. Generally they should be PEM-encoded and the key is an unencrypted PKCS#8 key (file headers have "BEGIN CERTIFICATE" and "BEGIN PRIVATE KEY").
      Throws:
      IOException

    • keyManager

      public TlsChannelCredentials.Builder keyManager(InputStream certChain, InputStream privateKey, String privateKeyPassword) throws IOException
      Use the provided certificate chain and possibly-encrypted private key as the client's identity. Generally they should be PEM-encoded and the key is a PKCS#8 key. If the private key is unencrypted, then password must be null.
      Throws:
      IOException

    • keyManager

      public TlsChannelCredentials.Builder keyManager(KeyManager... keyManagers)
      Have the provided key manager select the client's identity. Although multiple are allowed, only the first instance implementing a particular interface is used. So generally there will just be a single entry and it implements X509KeyManager.

    • trustManager

      public TlsChannelCredentials.Builder trustManager(File rootCerts) throws IOException
      Use the provided root certificates to verify the server's identity instead of the system's default. Generally they should be PEM-encoded with all the certificates concatenated together (file header has "BEGIN CERTIFICATE", and would occur once per certificate).
      Throws:
      IOException

    • trustManager

      public TlsChannelCredentials.Builder trustManager(InputStream rootCerts) throws IOException
      Use the provided root certificates to verify the server's identity instead of the system's default. Generally they should be PEM-encoded with all the certificates concatenated together (file header has "BEGIN CERTIFICATE", and would occur once per certificate).
      Throws:
      IOException

    • trustManager

      public TlsChannelCredentials.Builder trustManager(TrustManager... trustManagers)
      Have the provided trust manager verify the server's identity instead of the system's default. Although multiple are allowed, only the first instance implementing a particular interface is used. So generally there will just be a single entry and it implements X509TrustManager.

    • build

      public ChannelCredentials build()
      Construct the credentials.