org.apache.brooklyn.entity.proxy

Class ProxySslConfig

java.lang.Object

org.apache.brooklyn.entity.proxy.ProxySslConfig

All Implemented Interfaces:

java.io.Serializable

public class ProxySslConfig
extends java.lang.Object
implements java.io.Serializable

See Also:

Serialized Form

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	ProxySslConfig.Builder

Constructor Summary

Constructors

Constructor and Description
ProxySslConfig()

Method Summary

Modifier and Type	Method and Description
static ProxySslConfig.Builder	builder()
boolean	equals(java.lang.Object obj)
static ProxySslConfig	fromMap(java.util.Map<?,?> map)
java.lang.String	getCertificateDestination() Sets the ssl_certificate_path to be used within the generated LoadBalancer configuration.
java.lang.String	getCertificateSourceUrl() URL for the SSL certificates required at the server.
java.lang.String	getClientCertificateDestination()
java.lang.String	getClientCertificateSourceUrl()
java.lang.String	getKeyDestination() Sets the ssl_certificate_key path to be used within the generated LoadBalancer configuration.
java.lang.String	getKeySourceUrl()
boolean	getReuseSessions() Whether to reuse SSL validation in the server (performance).
boolean	getTargetIsSsl() Whether the downstream server (if mapping) also expects https; default false.
boolean	getVerifyClient() Whether to verify the client using certificates; default false.
int	hashCode()
void	setCertificateDestination(java.lang.String certificateDestination)
void	setCertificateSourceUrl(java.lang.String certificateSourceUrl)
void	setClientCertificateDestination(java.lang.String clientCertificateDestination)
void	setClientCertificateSourceUrl(java.lang.String clientCertificateSourceUrl)
void	setKeyDestination(java.lang.String keyDestination)
void	setKeySourceUrl(java.lang.String keySourceUrl)
void	setReuseSessions(boolean reuseSessions)
void	setTargetIsSsl(boolean targetIsSsl)
void	setVerifyClient(boolean verifyClient)

Methods inherited from class java.lang.Object

getClass, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

ProxySslConfig

public ProxySslConfig()

Method Detail

builder

public static ProxySslConfig.Builder builder()

fromMap

public static ProxySslConfig fromMap(java.util.Map<?,?> map)

getCertificateSourceUrl

public java.lang.String getCertificateSourceUrl()

URL for the SSL certificates required at the server.

Corresponding nginx settings:

     ssl                  on;
     ssl_certificate      www.example.com.crt;
     ssl_certificate_key  www.example.com.key;
 

Okay (in nginx) for key to be null if certificate contains both as per setup at http://nginx.org/en/docs/http/configuring_https_servers.html

Proxy object can be set on nginx instance to apply site-wide, and to put multiple servers in the certificate file

The brooklyn entity will install the certificate/key(s) on the server. (however it will not currently merge multiple certificates. if conflicting certificates are attempted to be installed nginx will complain.)

setCertificateSourceUrl

public void setCertificateSourceUrl(java.lang.String certificateSourceUrl)

getKeySourceUrl

public java.lang.String getKeySourceUrl()

See Also:

getCertificateSourceUrl()}

setKeySourceUrl

public void setKeySourceUrl(java.lang.String keySourceUrl)

getClientCertificateSourceUrl

public java.lang.String getClientCertificateSourceUrl()

setClientCertificateSourceUrl

public void setClientCertificateSourceUrl(java.lang.String clientCertificateSourceUrl)

getCertificateDestination

public java.lang.String getCertificateDestination()

Sets the ssl_certificate_path to be used within the generated LoadBalancer configuration.

If set to null, Brooklyn will use an auto generated path.

If certificateSourceUrl is set * then Brooklyn will copy the certificate the destination.

Setting this field is useful if there is a certificate on the nginx machine you want to make use of.

setCertificateDestination

public void setCertificateDestination(java.lang.String certificateDestination)

getKeyDestination

public java.lang.String getKeyDestination()

Sets the ssl_certificate_key path to be used within the generated LoadBalancer configuration.

If set to null, Brooklyn will use an auto generated path.

If keySourceUrl is set then Brooklyn will copy the certificate to the destination.

Setting this field is useful if there is a certificate_key on the nginx machine you want to make use of.

setKeyDestination

public void setKeyDestination(java.lang.String keyDestination)

getClientCertificateDestination

public java.lang.String getClientCertificateDestination()

setClientCertificateDestination

public void setClientCertificateDestination(java.lang.String clientCertificateDestination)

getVerifyClient

public boolean getVerifyClient()

Whether to verify the client using certificates; default false.

setVerifyClient

public void setVerifyClient(boolean verifyClient)

getTargetIsSsl

public boolean getTargetIsSsl()

Whether the downstream server (if mapping) also expects https; default false.

setTargetIsSsl

public void setTargetIsSsl(boolean targetIsSsl)

getReuseSessions

public boolean getReuseSessions()

Whether to reuse SSL validation in the server (performance).

Corresponds to nginx setting proxy_ssl_session_reuse on|off.

setReuseSessions

public void setReuseSessions(boolean reuseSessions)

hashCode

public int hashCode()

Overrides:

hashCode in class java.lang.Object

equals

public boolean equals(java.lang.Object obj)

Overrides:

equals in class java.lang.Object