Package io.grpc

Class TlsChannelCredentials.Builder

    • Method Detail

      • keyManager

        public TlsChannelCredentials.Builder keyManager​(java.io.File certChain,
                                                        java.io.File privateKey)
                                                 throws java.io.IOException
        Use the provided certificate chain and private key as the client's identity. Generally they should be PEM-encoded and the key is an unencrypted PKCS#8 key (file headers have "BEGIN CERTIFICATE" and "BEGIN PRIVATE KEY").
        Throws:
        java.io.IOException
      • keyManager

        public TlsChannelCredentials.Builder keyManager​(java.io.File certChain,
                                                        java.io.File privateKey,
                                                        java.lang.String privateKeyPassword)
                                                 throws java.io.IOException
        Use the provided certificate chain and possibly-encrypted private key as the client's identity. Generally they should be PEM-encoded and the key is a PKCS#8 key. If the private key is unencrypted, then password must be null.
        Throws:
        java.io.IOException
      • keyManager

        public TlsChannelCredentials.Builder keyManager​(java.io.InputStream certChain,
                                                        java.io.InputStream privateKey)
                                                 throws java.io.IOException
        Use the provided certificate chain and private key as the client's identity. Generally they should be PEM-encoded and the key is an unencrypted PKCS#8 key (file headers have "BEGIN CERTIFICATE" and "BEGIN PRIVATE KEY").
        Throws:
        java.io.IOException
      • keyManager

        public TlsChannelCredentials.Builder keyManager​(java.io.InputStream certChain,
                                                        java.io.InputStream privateKey,
                                                        java.lang.String privateKeyPassword)
                                                 throws java.io.IOException
        Use the provided certificate chain and possibly-encrypted private key as the client's identity. Generally they should be PEM-encoded and the key is a PKCS#8 key. If the private key is unencrypted, then password must be null.
        Throws:
        java.io.IOException
      • keyManager

        public TlsChannelCredentials.Builder keyManager​(javax.net.ssl.KeyManager... keyManagers)
        Have the provided key manager select the client's identity. Although multiple are allowed, only the first instance implementing a particular interface is used. So generally there will just be a single entry and it implements X509KeyManager.
      • trustManager

        public TlsChannelCredentials.Builder trustManager​(java.io.File rootCerts)
                                                   throws java.io.IOException
        Use the provided root certificates to verify the server's identity instead of the system's default. Generally they should be PEM-encoded with all the certificates concatenated together (file header has "BEGIN CERTIFICATE", and would occur once per certificate).
        Throws:
        java.io.IOException
      • trustManager

        public TlsChannelCredentials.Builder trustManager​(java.io.InputStream rootCerts)
                                                   throws java.io.IOException
        Use the provided root certificates to verify the server's identity instead of the system's default. Generally they should be PEM-encoded with all the certificates concatenated together (file header has "BEGIN CERTIFICATE", and would occur once per certificate).
        Throws:
        java.io.IOException
      • trustManager

        public TlsChannelCredentials.Builder trustManager​(javax.net.ssl.TrustManager... trustManagers)
        Have the provided trust manager verify the server's identity instead of the system's default. Although multiple are allowed, only the first instance implementing a particular interface is used. So generally there will just be a single entry and it implements X509TrustManager.