summaryrefslogtreecommitdiffstats
path: root/security-utils/src/main/java/com/yahoo/security/tls/ConfigFileBasedTlsContext.java
diff options
context:
space:
mode:
Diffstat (limited to 'security-utils/src/main/java/com/yahoo/security/tls/ConfigFileBasedTlsContext.java')
-rw-r--r--security-utils/src/main/java/com/yahoo/security/tls/ConfigFileBasedTlsContext.java13
1 files changed, 5 insertions, 8 deletions
diff --git a/security-utils/src/main/java/com/yahoo/security/tls/ConfigFileBasedTlsContext.java b/security-utils/src/main/java/com/yahoo/security/tls/ConfigFileBasedTlsContext.java
index ef1762ea7cd..176c6f95749 100644
--- a/security-utils/src/main/java/com/yahoo/security/tls/ConfigFileBasedTlsContext.java
+++ b/security-utils/src/main/java/com/yahoo/security/tls/ConfigFileBasedTlsContext.java
@@ -8,9 +8,8 @@ import com.yahoo.security.MutableX509KeyManager;
import com.yahoo.security.MutableX509TrustManager;
import com.yahoo.security.SslContextBuilder;
import com.yahoo.security.X509CertificateUtils;
+import com.yahoo.security.X509SslContext;
-import javax.net.ssl.SSLContext;
-import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLParameters;
import java.io.IOException;
import java.io.UncheckedIOException;
@@ -113,22 +112,20 @@ public class ConfigFileBasedTlsContext implements TlsContext {
HostnameVerification hostnameVerification = options.isHostnameValidationDisabled() ? HostnameVerification.DISABLED : HostnameVerification.ENABLED;
PeerAuthorizerTrustManager authorizerTrustManager =
new PeerAuthorizerTrustManager(options.getAuthorizedPeers(), mode, hostnameVerification, mutableTrustManager);
- SSLContext sslContext = new SslContextBuilder()
+ var sslContext = new SslContextBuilder()
.withKeyManager(mutableKeyManager)
.withTrustManager(authorizerTrustManager)
- .build();
+ .buildContext();
List<String> acceptedCiphers = options.getAcceptedCiphers();
Set<String> ciphers = acceptedCiphers.isEmpty() ? TlsContext.ALLOWED_CIPHER_SUITES : new HashSet<>(acceptedCiphers);
List<String> acceptedProtocols = options.getAcceptedProtocols();
Set<String> protocols = acceptedProtocols.isEmpty() ? TlsContext.ALLOWED_PROTOCOLS : new HashSet<>(acceptedProtocols);
- return new DefaultTlsContext(sslContext, ciphers, protocols, peerAuthentication);
+ return DefaultTlsContext.of(sslContext, ciphers, protocols, peerAuthentication);
}
// Wrapped methods from TlsContext
- @Override public SSLContext context() { return tlsContext.context(); }
+ @Override public X509SslContext sslContext() { return tlsContext.sslContext(); }
@Override public SSLParameters parameters() { return tlsContext.parameters(); }
- @Override public SSLEngine createSslEngine() { return tlsContext.createSslEngine(); }
- @Override public SSLEngine createSslEngine(String peerHost, int peerPort) { return tlsContext.createSslEngine(peerHost, peerPort); }
@Override
public void close() {