@InterfaceAudience.Private @InterfaceStability.Evolving public class SSLFactory extends Object implements ConnectionConfigurator
ReloadingX509TrustManager
instance,
which reloads public keys if the truststore file changes.
This factory is used to configure HTTPS in Hadoop HTTP based endpoints, both
client and server.Modifier and Type | Class and Description |
---|---|
static class |
SSLFactory.Mode |
Modifier and Type | Field and Description |
---|---|
static boolean |
DEFAULT_SSL_REQUIRE_CLIENT_CERT |
static String |
KEYSTORES_FACTORY_CLASS_KEY |
static String |
SSL_CLIENT_CONF_KEY |
static String |
SSL_HOSTNAME_VERIFIER_KEY |
static String |
SSL_REQUIRE_CLIENT_CERT_KEY |
static String |
SSL_SERVER_CONF_KEY |
static String |
SSLCERTIFICATE |
Constructor and Description |
---|
SSLFactory(SSLFactory.Mode mode,
Configuration conf)
Creates an SSLFactory.
|
Modifier and Type | Method and Description |
---|---|
HttpURLConnection |
configure(HttpURLConnection conn)
If the given
HttpURLConnection is an HttpsURLConnection
configures the connection with the SSLSocketFactory and
HostnameVerifier of this SSLFactory, otherwise does nothing. |
SSLEngine |
createSSLEngine()
Returns a configured SSLEngine.
|
SSLServerSocketFactory |
createSSLServerSocketFactory()
Returns a configured SSLServerSocketFactory.
|
SSLSocketFactory |
createSSLSocketFactory()
Returns a configured SSLSocketFactory.
|
void |
destroy()
Releases any resources being used.
|
HostnameVerifier |
getHostnameVerifier()
Returns the hostname verifier it should be used in HttpsURLConnections.
|
KeyStoresFactory |
getKeystoresFactory()
Returns the SSLFactory KeyStoresFactory instance.
|
void |
init()
Initializes the factory.
|
boolean |
isClientCertRequired()
Returns if client certificates are required or not.
|
public static final String SSL_REQUIRE_CLIENT_CERT_KEY
public static final String SSL_HOSTNAME_VERIFIER_KEY
public static final String SSL_CLIENT_CONF_KEY
public static final String SSL_SERVER_CONF_KEY
public static final String SSLCERTIFICATE
public static final boolean DEFAULT_SSL_REQUIRE_CLIENT_CERT
public static final String KEYSTORES_FACTORY_CLASS_KEY
public SSLFactory(SSLFactory.Mode mode, Configuration conf)
mode
- SSLFactory mode, client or server.conf
- Hadoop configuration from where the SSLFactory configuration
will be read.public void init() throws GeneralSecurityException, IOException
GeneralSecurityException
- thrown if an SSL initialization error
happened.IOException
- thrown if an IO error happened while reading the SSL
configuration.public void destroy()
public KeyStoresFactory getKeystoresFactory()
public SSLEngine createSSLEngine() throws GeneralSecurityException, IOException
GeneralSecurityException
- thrown if the SSL engine could not
be initialized.IOException
- thrown if and IO error occurred while loading
the server keystore.public SSLServerSocketFactory createSSLServerSocketFactory() throws GeneralSecurityException, IOException
GeneralSecurityException
- thrown if the SSLSocketFactory could not
be initialized.IOException
- thrown if and IO error occurred while loading
the server keystore.public SSLSocketFactory createSSLSocketFactory() throws GeneralSecurityException, IOException
GeneralSecurityException
- thrown if the SSLSocketFactory could not
be initialized.IOException
- thrown if and IO error occurred while loading
the server keystore.public HostnameVerifier getHostnameVerifier()
public boolean isClientCertRequired()
public HttpURLConnection configure(HttpURLConnection conn) throws IOException
HttpURLConnection
is an HttpsURLConnection
configures the connection with the SSLSocketFactory
and
HostnameVerifier
of this SSLFactory, otherwise does nothing.configure
in interface ConnectionConfigurator
conn
- the HttpURLConnection
instance to configure.HttpURLConnection
instance.IOException
- if an IO error occurred.Copyright © 2013 Apache Software Foundation. All rights reserved.