Move logic for constructing SSLContext to builder

2 files changed, 17 insertions, 18 deletions

diff --git a/vespa-feed-client/src/main/java/ai/vespa/feed/client/ApacheCluster.java b/vespa-feed-client/src/main/java/ai/vespa/feed/client/ApacheCluster.java
index ae764bc9a3d..163da14cead 100644
--- a/vespa-feed-client/src/main/java/ai/vespa/feed/client/ApacheCluster.java
+++ b/vespa-feed-client/src/main/java/ai/vespa/feed/client/ApacheCluster.java
@@ -127,7 +127,7 @@ class ApacheCluster implements Cluster {
                                                                                           .setInitialWindowSize(Integer.MAX_VALUE)
                                                                                           .build());
 
-        SSLContext sslContext = constructSslContext(builder);
+        SSLContext sslContext = builder.constructSslContext();
         String[] allowedCiphers = excludeH2Blacklisted(excludeWeak(sslContext.getSupportedSSLParameters().getCipherSuites()));
         if (allowedCiphers.length == 0)
             throw new IllegalStateException("No adequate SSL cipher suites supported by the JVM");
@@ -142,23 +142,6 @@ class ApacheCluster implements Cluster {
                                 .build();
     }
 
-    private static SSLContext constructSslContext(FeedClientBuilder builder) throws IOException {
-        if (builder.sslContext != null) return builder.sslContext;
-        SslContextBuilder sslContextBuilder = new SslContextBuilder();
-        if (builder.certificateFile != null && builder.privateKeyFile != null) {
-            sslContextBuilder.withCertificateAndKey(builder.certificateFile, builder.privateKeyFile);
-        } else if (builder.certificate != null && builder.privateKey != null) {
-            sslContextBuilder.withCertificateAndKey(builder.certificate, builder.privateKey);
-        }
-        if (builder.caCertificatesFile != null) {
-            sslContextBuilder.withCaCertificates(builder.caCertificatesFile);
-        } else if (builder.caCertificates != null) {
-            sslContextBuilder.withCaCertificates(builder.caCertificates);
-        }
-        return sslContextBuilder.build();
-    }
-
-
     private static class ApacheHttpResponse implements HttpResponse {
 
         private final SimpleHttpResponse wrapped;
diff --git a/vespa-feed-client/src/main/java/ai/vespa/feed/client/FeedClientBuilder.java b/vespa-feed-client/src/main/java/ai/vespa/feed/client/FeedClientBuilder.java
index 2c8e62d81c6..df1f3bcd54c 100644
--- a/vespa-feed-client/src/main/java/ai/vespa/feed/client/FeedClientBuilder.java
+++ b/vespa-feed-client/src/main/java/ai/vespa/feed/client/FeedClientBuilder.java
@@ -150,6 +150,22 @@ public class FeedClientBuilder {
         }
     }
 
+    SSLContext constructSslContext() throws IOException {
+        if (sslContext != null) return sslContext;
+        SslContextBuilder sslContextBuilder = new SslContextBuilder();
+        if (certificateFile != null && privateKeyFile != null) {
+            sslContextBuilder.withCertificateAndKey(certificateFile, privateKeyFile);
+        } else if (certificate != null && privateKey != null) {
+            sslContextBuilder.withCertificateAndKey(certificate, privateKey);
+        }
+        if (caCertificatesFile != null) {
+            sslContextBuilder.withCaCertificates(caCertificatesFile);
+        } else if (caCertificates != null) {
+            sslContextBuilder.withCaCertificates(caCertificates);
+        }
+        return sslContextBuilder.build();
+    }
+
     private void validateConfiguration() {
         if (sslContext != null && (
                 certificateFile != null || caCertificatesFile != null || privateKeyFile != null ||