SSLContext() — netty Function Reference

Architecture documentation for the SSLContext() function in JdkSslServerContext.java from the netty codebase.

Function java Buffer Allocators calls 1

Entity Profile

Buffer→ Allocators→ SSLContext() — netty Function Reference

Dependency Diagram

graph TD
  9b49a65c_7f5f_3927_e295_319aa12bf09d["SSLContext()"]
  1676fcd7_94de_c9b5_7ee8_e94f94ffeb21["JdkSslServerContext"]
  9b49a65c_7f5f_3927_e295_319aa12bf09d -->|defined in| 1676fcd7_94de_c9b5_7ee8_e94f94ffeb21
  721d1894_07ae_4ae6_a7d5_54627c557712["wrapTrustManagerIfNeeded()"]
  9b49a65c_7f5f_3927_e295_319aa12bf09d -->|calls| 721d1894_07ae_4ae6_a7d5_54627c557712
  style 9b49a65c_7f5f_3927_e295_319aa12bf09d fill:#6366f1,stroke:#818cf8,color:#fff

Relationship Graph

Source Code

handler/src/main/java/io/netty/handler/ssl/JdkSslServerContext.java lines 306–352

    private static SSLContext newSSLContext(Provider sslContextProvider, X509Certificate[] trustCertCollection,
                                            TrustManagerFactory trustManagerFactory, X509Certificate[] keyCertChain,
                                            PrivateKey key, String keyPassword, KeyManagerFactory keyManagerFactory,
                                            long sessionCacheSize, long sessionTimeout, SecureRandom secureRandom,
                                            String keyStore, ResumptionController resumptionController)
            throws SSLException {
        if (key == null && keyManagerFactory == null) {
            throw new NullPointerException("key, keyManagerFactory");
        }

        try {
            if (trustCertCollection != null) {
                trustManagerFactory = buildTrustManagerFactory(trustCertCollection, trustManagerFactory, keyStore);
            } else if (trustManagerFactory == null) {
                // Mimic the way SSLContext.getInstance(KeyManager[], null, null) works
                trustManagerFactory = TrustManagerFactory.getInstance(
                        TrustManagerFactory.getDefaultAlgorithm());
                trustManagerFactory.init((KeyStore) null);
            }

            if (key != null) {
                keyManagerFactory = buildKeyManagerFactory(keyCertChain, null,
                        key, keyPassword, keyManagerFactory, null);
            }

            // Initialize the SSLContext to work with our key managers.
            SSLContext ctx = sslContextProvider == null ? SSLContext.getInstance(PROTOCOL)
                : SSLContext.getInstance(PROTOCOL, sslContextProvider);
            ctx.init(keyManagerFactory.getKeyManagers(),
                    wrapTrustManagerIfNeeded(trustManagerFactory.getTrustManagers(), resumptionController),
                     secureRandom);

            SSLSessionContext sessCtx = ctx.getServerSessionContext();
            if (sessionCacheSize > 0) {
                sessCtx.setSessionCacheSize((int) Math.min(sessionCacheSize, Integer.MAX_VALUE));
            }
            if (sessionTimeout > 0) {
                sessCtx.setSessionTimeout((int) Math.min(sessionTimeout, Integer.MAX_VALUE));
            }
            return ctx;
        } catch (Exception e) {
            if (e instanceof SSLException) {
                throw (SSLException) e;
            }
            throw new SSLException("failed to initialize the server-side SSL context", e);
        }
    }