Package io.dropwizard.logging

Class TlsSocketAppenderFactory<E extends ch.qos.logback.core.spi.DeferredProcessingAware>

  • All Implemented Interfaces:
    Discoverable, AppenderFactory<E>
    public class TlsSocketAppenderFactory<E extends ch.qos.logback.core.spi.DeferredProcessingAware>
extends TcpSocketAppenderFactory<E>
    An AppenderFactory implementation which provides an appender that writes events to a TCP socket secured by the TLS/SSL protocol on the presentation layer.

    Configuration Parameters:

    Name Default Description
    keyStorePath (none) The path to the Java key store which contains the host certificate and private key.
    keyStorePassword (none) The password used to access the key store.
    keyStoreType JKS The type of key store (usually JKS, PKCS12, JCEKS, Windows-MY, or Windows-ROOT).
    keyStoreProvider (none) The JCE provider to use to access the key store.
    trustStorePath (none) The path to the Java key store which contains the CA certificates used to establish trust.
    trustStorePassword (none) The password used to access the trust store.
    trustStoreType JKS The type of trust store (usually JKS, PKCS12, JCEKS, Windows-MY, or Windows-ROOT).
    trustStoreProvider (none) The JCE provider to use to access the trust store.
    jceProvider (none) The name of the JCE provider to use for cryptographic support.
    validateCerts false Whether or not to validate TLS certificates before starting. If enabled, Dropwizard will refuse to start with expired or otherwise invalid certificates.
    validatePeers false Whether or not to validate TLS peer certificates.
    supportedProtocols JVM default A list of protocols (e.g., SSLv3, TLSv1) which are supported. All other protocols will be refused.
    excludedProtocols [SSL, SSLv2, SSLv2Hello, SSLv3] A list of protocols (e.g., SSLv3, TLSv1) which are excluded. These protocols will be refused.
    supportedCipherSuites JVM default A list of cipher suites (e.g., TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256) which are supported. All other cipher suites will be refused
    excludedCipherSuites [.*_(MD5|SHA|SHA1)$] A list of cipher suites (e.g., TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256) which are excluded. These cipher suites will be refused.

    For more configuration parameters, see TcpSocketAppenderFactory.

    Since:
    2.0
    See Also:
    TcpSocketAppenderFactory

    • Constructor Detail

      • TlsSocketAppenderFactory

        public TlsSocketAppenderFactory()

    • Method Detail

      • isValidatePeers

        public boolean isValidatePeers()

      • setValidatePeers

        public void setValidatePeers​(boolean validatePeers)

      • isValidateCerts

        public boolean isValidateCerts()

      • setValidateCerts

        public void setValidateCerts​(boolean validateCerts)

      • getExcludedCipherSuites

        @Nullable
public List<String> getExcludedCipherSuites()

      • setExcludedCipherSuites

        public void setExcludedCipherSuites​(List<String> excludedCipherSuites)

      • getSupportedCipherSuites

        @Nullable
public List<String> getSupportedCipherSuites()

      • setSupportedCipherSuites

        public void setSupportedCipherSuites​(List<String> supportedCipherSuites)

      • getExcludedProtocols

        @Nullable
public List<String> getExcludedProtocols()

      • setExcludedProtocols

        public void setExcludedProtocols​(List<String> excludedProtocols)

      • getSupportedProtocols

        @Nullable
public List<String> getSupportedProtocols()

      • setSupportedProtocols

        public void setSupportedProtocols​(List<String> supportedProtocols)

      • getTrustStoreProvider

        @Nullable
public String getTrustStoreProvider()

      • setTrustStoreProvider

        public void setTrustStoreProvider​(String trustStoreProvider)

      • getTrustStoreType

        @Nullable
public String getTrustStoreType()

      • setTrustStoreType

        public void setTrustStoreType​(String trustStoreType)

      • getTrustStorePassword

        @Nullable
public String getTrustStorePassword()

      • setTrustStorePassword

        public void setTrustStorePassword​(String trustStorePassword)

      • getTrustStorePath

        @Nullable
public String getTrustStorePath()

      • setTrustStorePath

        public void setTrustStorePath​(String trustStorePath)

      • getKeyStoreProvider

        @Nullable
public String getKeyStoreProvider()

      • setKeyStoreProvider

        public void setKeyStoreProvider​(String keyStoreProvider)

      • getKeyStoreType

        @Nullable
public String getKeyStoreType()

      • setKeyStoreType

        public void setKeyStoreType​(String keyStoreType)

      • getKeyStorePassword

        @Nullable
public String getKeyStorePassword()

      • setKeyStorePassword

        public void setKeyStorePassword​(String keyStorePassword)

      • getKeyStorePath

        @Nullable
public String getKeyStorePath()

      • setKeyStorePath

        public void setKeyStorePath​(String keyStorePath)

      • getJceProvider

        @Nullable
public String getJceProvider()

      • setJceProvider

        public void setJceProvider​(String jceProvider)