Package io.grpc

Class TlsServerCredentials.Builder

java.lang.Object
io.grpc.TlsServerCredentials.Builder
Enclosing class:
TlsServerCredentials
public static final class TlsServerCredentials.Builder extends Object
Builder for TlsServerCredentials.

  • Method Details

    • requireFakeFeature

      public TlsServerCredentials.Builder requireFakeFeature()
      Requires TlsServerCredentials.Feature.FAKE to be understood. For use in testing consumers of this credential.

    • keyManager

      public TlsServerCredentials.Builder keyManager(File certChain, File privateKey) throws IOException
      Use the provided certificate chain and private key as the server's identity. Generally they should be PEM-encoded and the key is an unencrypted PKCS#8 key (file headers have "BEGIN CERTIFICATE" and "BEGIN PRIVATE KEY").
      Throws:
      IOException

    • keyManager

      public TlsServerCredentials.Builder keyManager(File certChain, File privateKey, String privateKeyPassword) throws IOException
      Use the provided certificate chain and possibly-encrypted private key as the server's identity. Generally they should be PEM-encoded and the key is a PKCS#8 key. If the private key is unencrypted, then password must be null.
      Throws:
      IOException

    • keyManager

      public TlsServerCredentials.Builder keyManager(InputStream certChain, InputStream privateKey) throws IOException
      Use the provided certificate chain and private key as the server's identity. Generally they should be PEM-encoded and the key is an unencrypted PKCS#8 key (file headers have "BEGIN CERTIFICATE" and "BEGIN PRIVATE KEY").
      Throws:
      IOException

    • keyManager

      public TlsServerCredentials.Builder keyManager(InputStream certChain, InputStream privateKey, String privateKeyPassword) throws IOException
      Use the provided certificate chain and possibly-encrypted private key as the server's identity. Generally they should be PEM-encoded and the key is a PKCS#8 key. If the private key is unencrypted, then password must be null.
      Throws:
      IOException

    • keyManager

      public TlsServerCredentials.Builder keyManager(KeyManager... keyManagers)
      Have the provided key manager select the server's identity. Although multiple are allowed, only the first instance implementing a particular interface is used. So generally there will just be a single entry and it implements X509KeyManager.

    • clientAuth

      public TlsServerCredentials.Builder clientAuth(TlsServerCredentials.ClientAuth clientAuth)
      Indicates whether the server should expect a client's identity. Must not be null. Defaults to TlsServerCredentials.ClientAuth.NONE.

    • trustManager

      public TlsServerCredentials.Builder trustManager(File rootCerts) throws IOException
      Use the provided root certificates to verify the client's identity instead of the system's default. Generally they should be PEM-encoded with all the certificates concatenated together (file header has "BEGIN CERTIFICATE", and would occur once per certificate).
      Throws:
      IOException

    • trustManager

      public TlsServerCredentials.Builder trustManager(InputStream rootCerts) throws IOException
      Use the provided root certificates to verify the client's identity instead of the system's default. Generally they should be PEM-encoded with all the certificates concatenated together (file header has "BEGIN CERTIFICATE", and would occur once per certificate).
      Throws:
      IOException

    • trustManager

      public TlsServerCredentials.Builder trustManager(TrustManager... trustManagers)
      Have the provided trust manager verify the client's identity instead of the system's default. Although multiple are allowed, only the first instance implementing a particular interface is used. So generally there will just be a single entry and it implements X509TrustManager.

    • build

      public ServerCredentials build()
      Construct the credentials.