com.bloomberglp.blpapi

Class TlsOptions

java.lang.Object

com.bloomberglp.blpapi.TlsOptions

public class TlsOptions
extends Object

TlsOptions instances are sources of client credentials and trust material used by a session to establish secure mutually authenticated connections to endpoints.

The client credentials comprise an encrypted private key with a client certificate. The trust material comprises one or more certificates.

The favoured way to create TlsOptions objects is using the methods TlsOptions#createFromBlobs and TlsOptions#createFromFiles; both accept the DER encoded client credentials in PKCS#12 format and the DER encoded trusted material in PKCS#7 format. While these methods are expected to cover the vast majority of use cases, the TlsOptions#create method is provided for maximum flexibility. TlsOptions#create allows direct specification of a SSLContext that will be used in establishing secure connections.

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	TlsOptions.TlsInitializationException

Method Summary

Modifier and Type	Method and Description
static TlsOptions	create(SSLContext sslContext) Creates a TlsOptions object with the specified sslContext.
static TlsOptions	createFromBlobs(byte[] clientCredentialsRawData, char[] clientCredentialsPassword, byte[] trustedCertificatesRawData) Creates TlsOptions using client credentials and trust material from the specified byte arrays.
static TlsOptions	createFromFiles(String clientCredentialsFileName, char[] clientCredentialsPassword, String trustedCertificatesFileName) Creates TlsOptions using client credentials and trust material from the specified files.
int	getCrlTimeout() Returns CRL timeout, which by default is 20 seconds.
SSLContext	getSslContext() Returns the SSLContext object that will be used in establishing secure connections.
int	getTlsHandshakeTimeout() Returns TLS handshake timeout, which by default is 10 seconds.
void	setCrlTimeout(int crlTimeout) Sets CRL fetch timeout.
void	setTlsHandshakeTimeout(int tlsHandshakeTimeout) Sets TLS handshake timeout.

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

createFromFiles

public static TlsOptions createFromFiles(String clientCredentialsFileName,
                                         char[] clientCredentialsPassword,
                                         String trustedCertificatesFileName)
                                  throws TlsOptions.TlsInitializationException

Creates TlsOptions using client credentials and trust material from the specified files.

Parameters:

clientCredentialsFileName - DER encoded PKCS#12 file with client credentials

clientCredentialsPassword - password for client credentials file

trustedCertificatesFileName - DER encoded PKCS#7 file with trusted certificates

Returns:

a new TlsOptions object

Throws:

NullPointerException - if any argument is null

IllegalArgumentException - if either file exceeds 100 MB in size

TlsOptions.TlsInitializationException - if there was a problem retrieving the client credentials or trust material

createFromBlobs

public static TlsOptions createFromBlobs(byte[] clientCredentialsRawData,
                                         char[] clientCredentialsPassword,
                                         byte[] trustedCertificatesRawData)
                                  throws TlsOptions.TlsInitializationException

Creates TlsOptions using client credentials and trust material from the specified byte arrays.

Parameters:

clientCredentialsRawData - byte array containing DER encoded PKCS#12 store with client credentials

clientCredentialsPassword - password for the client credentials

trustedCertificatesRawData - byte array containing DER encoded PKCS#7 store with trusted certificates

Returns:

a new TlsOptions object

Throws:

NullPointerException - if any argument is null

TlsOptions.TlsInitializationException - if there was a problem retrieving the client credentials or trust material

create

public static TlsOptions create(SSLContext sslContext)

Creates a TlsOptions object with the specified sslContext.

Parameters:

sslContext - a context configured with DER encoded client credentials and DER encoded trusted material

Returns:

a new TlsOptions object

Throws:

NullPointerException - if argument is null

getSslContext

public SSLContext getSslContext()

Returns the SSLContext object that will be used in establishing secure connections.

Returns:

SSLContext

getTlsHandshakeTimeout

public int getTlsHandshakeTimeout()

Returns TLS handshake timeout, which by default is 10 seconds.

Returns:

TLS handshake timeout value in milliseconds

setTlsHandshakeTimeout

public void setTlsHandshakeTimeout(int tlsHandshakeTimeout)

Sets TLS handshake timeout.

Parameters:

tlsHandshakeTimeout - new timeout duration, a strictly positive number of milliseconds

Throws:

IllegalArgumentException - if the new timeout is not strictly positive

getCrlTimeout

public int getCrlTimeout()

Returns CRL timeout, which by default is 20 seconds.

Returns:

CRL fetch timeout in milliseconds

setCrlTimeout

public void setCrlTimeout(int crlTimeout)

Sets CRL fetch timeout.

Parameters:

crlTimeout - new timeout duration, a strictly positive number of milliseconds

Throws:

IllegalArgumentException - if the new timeout is not strictly positive