Class ConfluentKeyProvider
java.lang.Object
java.util.Dictionary<Object,Object>
java.util.Hashtable<Object,Object>
java.util.Properties
java.security.Provider
io.confluent.kafka.server.plugins.ssl.ConfluentKeyProvider
- All Implemented Interfaces:
Serializable, Cloneable, Map<Object,Object>
A Java Security Provider that registers the
ConfluentKeyManagerFactory.
This provider enables the JVM to use Confluent's custom key management for outbound mTLS connections, where the broker acts as a TLS client and needs to select which client certificate to present.
Certificate Selection Priority:
- SPIRE certificate - if SPIRE is enabled and the server accepts SPIRE CA
- Let's Encrypt server certificate as client certificate - if
useServerCertForClientAuthis enabled - Default client certificate - from the configured keystore
Usage:
Security.addProvider(new ConfluentKeyProvider(configs)); KeyManagerFactory kmf = KeyManagerFactory.getInstance(ConfluentKeyProvider.ALGORITHM);
- See Also:
-
Nested Class Summary
Nested classes/interfaces inherited from class Provider
Provider.Service -
Field Summary
Fields -
Constructor Summary
ConstructorsConstructorDescriptionConfluentKeyProvider(Map<String, ?> configs) Creates a ConfluentKeyProvider with the given configuration. -
Method Summary
Modifier and TypeMethodDescriptionvoidupdateConfigs(Map<String, ?> configs) Updates the provider's configuration for dynamic reconfiguration support.Methods inherited from class Provider
clear, compute, computeIfAbsent, computeIfPresent, configure, elements, entrySet, forEach, get, getInfo, getName, getOrDefault, getProperty, getService, getServices, getVersion, getVersionStr, isConfigured, keys, keySet, load, merge, put, putAll, putIfAbsent, remove, remove, replace, replace, replaceAll, toString, valuesMethods inherited from class Properties
clone, contains, containsKey, containsValue, equals, getProperty, hashCode, isEmpty, list, list, load, loadFromXML, propertyNames, save, setProperty, size, store, store, storeToXML, storeToXML, storeToXML, stringPropertyNames
-
Field Details
-
PROVIDER_NAME
-
KEY_PROVIDER_CONFIG
The property key for accessing the configuration from the provider.- See Also:
-
-
Constructor Details
-
ConfluentKeyProvider
-
-
Method Details
-
updateConfigs
-