Package io.grpc

Class TlsServerCredentials.Builder

    • Method Detail

      • keyManager

        public TlsServerCredentials.Builder keyManager​(File certChain,
                                               File privateKey)
                                        throws IOException
        Use the provided certificate chain and private key as the server's identity. Generally they should be PEM-encoded and the key is an unencrypted PKCS#8 key (file headers have "BEGIN CERTIFICATE" and "BEGIN PRIVATE KEY").
        Throws:
        IOException

      • keyManager

        public TlsServerCredentials.Builder keyManager​(File certChain,
                                               File privateKey,
                                               String privateKeyPassword)
                                        throws IOException
        Use the provided certificate chain and possibly-encrypted private key as the server's identity. Generally they should be PEM-encoded and the key is a PKCS#8 key. If the private key is unencrypted, then password must be null.
        Throws:
        IOException

      • keyManager

        public TlsServerCredentials.Builder keyManager​(InputStream certChain,
                                               InputStream privateKey)
                                        throws IOException
        Use the provided certificate chain and private key as the server's identity. Generally they should be PEM-encoded and the key is an unencrypted PKCS#8 key (file headers have "BEGIN CERTIFICATE" and "BEGIN PRIVATE KEY").
        Throws:
        IOException

      • keyManager

        public TlsServerCredentials.Builder keyManager​(InputStream certChain,
                                               InputStream privateKey,
                                               String privateKeyPassword)
                                        throws IOException
        Use the provided certificate chain and possibly-encrypted private key as the server's identity. Generally they should be PEM-encoded and the key is a PKCS#8 key. If the private key is unencrypted, then password must be null.
        Throws:
        IOException

      • keyManager

        public TlsServerCredentials.Builder keyManager​(KeyManager... keyManagers)
        Have the provided key manager select the server's identity. Although multiple are allowed, only the first instance implementing a particular interface is used. So generally there will just be a single entry and it implements X509KeyManager.

      • trustManager

        public TlsServerCredentials.Builder trustManager​(File rootCerts)
                                          throws IOException
        Use the provided root certificates to verify the client's identity instead of the system's default. Generally they should be PEM-encoded with all the certificates concatenated together (file header has "BEGIN CERTIFICATE", and would occur once per certificate).
        Throws:
        IOException

      • trustManager

        public TlsServerCredentials.Builder trustManager​(InputStream rootCerts)
                                          throws IOException
        Use the provided root certificates to verify the client's identity instead of the system's default. Generally they should be PEM-encoded with all the certificates concatenated together (file header has "BEGIN CERTIFICATE", and would occur once per certificate).
        Throws:
        IOException

      • trustManager

        public TlsServerCredentials.Builder trustManager​(TrustManager... trustManagers)
        Have the provided trust manager verify the client's identity instead of the system's default. Although multiple are allowed, only the first instance implementing a particular interface is used. So generally there will just be a single entry and it implements X509TrustManager.