Package io.grpc

Class TlsChannelCredentials.Builder

    • Method Detail

      • keyManager

        public TlsChannelCredentials.Builder keyManager​(File certChain,
                                                File privateKey)
                                         throws IOException
        Use the provided certificate chain and private key as the client's identity. Generally they should be PEM-encoded and the key is an unencrypted PKCS#8 key (file headers have "BEGIN CERTIFICATE" and "BEGIN PRIVATE KEY").
        Throws:
        IOException

      • keyManager

        public TlsChannelCredentials.Builder keyManager​(File certChain,
                                                File privateKey,
                                                String privateKeyPassword)
                                         throws IOException
        Use the provided certificate chain and possibly-encrypted private key as the client's identity. Generally they should be PEM-encoded and the key is a PKCS#8 key. If the private key is unencrypted, then password must be null.
        Throws:
        IOException

      • keyManager

        public TlsChannelCredentials.Builder keyManager​(InputStream certChain,
                                                InputStream privateKey)
                                         throws IOException
        Use the provided certificate chain and private key as the client's identity. Generally they should be PEM-encoded and the key is an unencrypted PKCS#8 key (file headers have "BEGIN CERTIFICATE" and "BEGIN PRIVATE KEY").
        Throws:
        IOException

      • keyManager

        public TlsChannelCredentials.Builder keyManager​(InputStream certChain,
                                                InputStream privateKey,
                                                String privateKeyPassword)
                                         throws IOException
        Use the provided certificate chain and possibly-encrypted private key as the client's identity. Generally they should be PEM-encoded and the key is a PKCS#8 key. If the private key is unencrypted, then password must be null.
        Throws:
        IOException

      • keyManager

        public TlsChannelCredentials.Builder keyManager​(KeyManager... keyManagers)
        Have the provided key manager select the client's identity. Although multiple are allowed, only the first instance implementing a particular interface is used. So generally there will just be a single entry and it implements X509KeyManager.

      • trustManager

        public TlsChannelCredentials.Builder trustManager​(File rootCerts)
                                           throws IOException
        Use the provided root certificates to verify the server's identity instead of the system's default. Generally they should be PEM-encoded with all the certificates concatenated together (file header has "BEGIN CERTIFICATE", and would occur once per certificate).
        Throws:
        IOException

      • trustManager

        public TlsChannelCredentials.Builder trustManager​(InputStream rootCerts)
                                           throws IOException
        Use the provided root certificates to verify the server's identity instead of the system's default. Generally they should be PEM-encoded with all the certificates concatenated together (file header has "BEGIN CERTIFICATE", and would occur once per certificate).
        Throws:
        IOException

      • trustManager

        public TlsChannelCredentials.Builder trustManager​(TrustManager... trustManagers)
        Have the provided trust manager verify the server's identity instead of the system's default. Although multiple are allowed, only the first instance implementing a particular interface is used. So generally there will just be a single entry and it implements X509TrustManager.