io.confluent.kafka.client.plugins.ssl.ConfluentTrustManagerHelper

public final class ConfluentTrustManagerHelper extends Object

Helper class to share code for trust manager implementations between io.confluent.kafka.client.plugins.ssl.ConfluentTrustManager and io.confluent.kafka.server.plugins.ssl.ConfluentTrustManager from broker-plugins.

Nested Class Summary

Nested Classes

Modifier and Type

Class

Description

static interface

ConfluentTrustManagerHelper.AltNameDnsDomainSuffixVerifier
Constructor Summary

Constructors

Constructor

Description

ConfluentTrustManagerHelper(Map<String,?> configs, Optional<org.apache.kafka.common.metrics.Sensor> minCertExpirySensor)
Method Summary

Modifier and Type

Method

Description

org.apache.kafka.server.traffic.TrafficNetworkIdRoutes

getNetworkRoutes()

static List<String>

getSubjectAltNames(X509Certificate cert)

boolean

isConfluentCert(X509Certificate cert, ConfluentTrustManagerHelper.AltNameDnsDomainSuffixVerifier altNameDnsDomainSuffixVerifier)

static Set<CertificateId>

revokedCertificateIds(Map<String,?> config)

boolean

verifyClientCerts(X509Certificate[] x509Certificates, ConfluentTrustManagerHelper.AltNameDnsDomainSuffixVerifier altNameDnsDomainSuffixVerifier)

boolean

verifyServerCerts(X509Certificate[] x509Certificates, ConfluentTrustManagerHelper.AltNameDnsDomainSuffixVerifier altNameDnsDomainSuffixVerifier)

Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details
- ConfluentTrustManagerHelper
  
  public ConfluentTrustManagerHelper(Map<String,?> configs, Optional<org.apache.kafka.common.metrics.Sensor> minCertExpirySensor)
Method Details
- verifyClientCerts
  
  public boolean verifyClientCerts(X509Certificate[] x509Certificates, ConfluentTrustManagerHelper.AltNameDnsDomainSuffixVerifier altNameDnsDomainSuffixVerifier) throws CertificateException
  
  Throws:
  
  CertificateException
- verifyServerCerts
  
  public boolean verifyServerCerts(X509Certificate[] x509Certificates, ConfluentTrustManagerHelper.AltNameDnsDomainSuffixVerifier altNameDnsDomainSuffixVerifier) throws CertificateException
  
  Throws:
  
  CertificateException
- isConfluentCert
  
  public boolean isConfluentCert(X509Certificate cert, ConfluentTrustManagerHelper.AltNameDnsDomainSuffixVerifier altNameDnsDomainSuffixVerifier) throws CertificateException
  
  Throws:
  
  CertificateException
- getSubjectAltNames
  
  public static List<String> getSubjectAltNames(X509Certificate cert)
- revokedCertificateIds
  
  public static Set<CertificateId> revokedCertificateIds(Map<String,?> config)
- getNetworkRoutes
  
  public org.apache.kafka.server.traffic.TrafficNetworkIdRoutes getNetworkRoutes() throws CertificateException
  
  Throws:
  
  CertificateException

Class ConfluentTrustManagerHelper

Nested Class Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Details

ConfluentTrustManagerHelper

Method Details

verifyClientCerts

verifyServerCerts

isConfluentCert

getSubjectAltNames

revokedCertificateIds

getNetworkRoutes