org.apache.tinkerpop.gremlin.server

Class Settings.SslSettings

java.lang.Object

org.apache.tinkerpop.gremlin.server.Settings.SslSettings

Enclosing class:

Settings

public static class Settings.SslSettings
extends Object

Settings to configure SSL support.

Field Summary

Fields

Modifier and Type	Field and Description
boolean	enabled Enables SSL.
String	keyCertChainFile Deprecated. As of release 3.2.10, replaced by keyStore
String	keyFile Deprecated. As of release 3.2.10, replaced by keyStore
String	keyPassword Deprecated. As of release 3.2.10, replaced by keyStorePassword
String	keyStore The file location of the private key in JKS or PKCS#12 format.
String	keyStorePassword The password of the keyStore, or null if it's not password-protected.
String	keyStoreType The format of the keyStore, either JKS or PKCS12
ClientAuth	needClientAuth Require client certificate authentication
List<String>	sslCipherSuites A list of cipher suites to enable.
List<String>	sslEnabledProtocols A list of SSL protocols to enable.
String	trustCertChainFile Deprecated. As of release 3.2.10, replaced by trustStore
String	trustStore Trusted certificates for verifying the remote client's certificate.
String	trustStorePassword The password of the trustStore, or null if it's not password-protected.

Constructor Summary

Constructors

Constructor and Description
SslSettings()

Method Summary

Modifier and Type	Method and Description
Optional<SslContext>	getSslContext()
void	overrideSslContext(SslContext sslContext) When this value is set, the other settings for SSL are ignored.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

enabled

public boolean enabled

Enables SSL. Other SSL settings will be ignored unless this is set to true.

keyCertChainFile

@Deprecated
public String keyCertChainFile

Deprecated. As of release 3.2.10, replaced by keyStore

The X.509 certificate chain file in PEM format.

keyFile

@Deprecated
public String keyFile

Deprecated. As of release 3.2.10, replaced by keyStore

The PKCS#8 private key file in PEM format.

keyPassword

@Deprecated
public String keyPassword

Deprecated. As of release 3.2.10, replaced by keyStorePassword

The password of the keyFile, or null if it's not password-protected.

trustCertChainFile

@Deprecated
public String trustCertChainFile

Deprecated. As of release 3.2.10, replaced by trustStore

Trusted certificates for verifying the remote endpoint's certificate. The file should contain an X.509 certificate chain in PEM format. null uses the system default.

keyStore

public String keyStore

The file location of the private key in JKS or PKCS#12 format.

keyStorePassword

public String keyStorePassword

The password of the keyStore, or null if it's not password-protected.

trustStore

public String trustStore

Trusted certificates for verifying the remote client's certificate. If this value is not provided and SSL is enabled, the default TrustManager will be used.

trustStorePassword

public String trustStorePassword

The password of the trustStore, or null if it's not password-protected.

keyStoreType

public String keyStoreType

The format of the keyStore, either JKS or PKCS12

sslEnabledProtocols

public List<String> sslEnabledProtocols

A list of SSL protocols to enable. @see JSSE Protocols

sslCipherSuites

public List<String> sslCipherSuites

A list of cipher suites to enable. @see Cipher Suites

needClientAuth

public ClientAuth needClientAuth

Require client certificate authentication

Constructor Detail

SslSettings

public SslSettings()

Method Detail

overrideSslContext

public void overrideSslContext(SslContext sslContext)

When this value is set, the other settings for SSL are ignored. This option provides for a programmatic way to configure more complex SSL configurations. The enabled setting should still be set to true for this setting to take effect.

getSslContext

public Optional<SslContext> getSslContext()