diff --git a/integrations/oci/tls-certificates/src/main/java/io/helidon/integrations/oci/tls/certificates/DefaultOciCertificatesTlsManager.java b/integrations/oci/tls-certificates/src/main/java/io/helidon/integrations/oci/tls/certificates/DefaultOciCertificatesTlsManager.java index c5ca46b77d9..3a42eccba7c 100644 --- a/integrations/oci/tls-certificates/src/main/java/io/helidon/integrations/oci/tls/certificates/DefaultOciCertificatesTlsManager.java +++ b/integrations/oci/tls-certificates/src/main/java/io/helidon/integrations/oci/tls/certificates/DefaultOciCertificatesTlsManager.java @@ -67,8 +67,6 @@ class DefaultOciCertificatesTlsManager extends ConfiguredTlsManager implements O private ScheduledExecutorService asyncExecutor; private Async async; private WebServerTls tlsConfig; - private volatile X509KeyManager keyManager; - private volatile X509TrustManager trustManager; DefaultOciCertificatesTlsManager(OciCertificatesTlsManagerConfig cfg) { this(cfg, "@default", null); @@ -114,16 +112,6 @@ public void init(WebServerTls tls) { OciCertificatesTlsManagerConfig.class.getSimpleName() + " scheduled: " + taskIntervalDescription); } - @Override // TlsManager - public Optional keyManager() { - return Optional.ofNullable(keyManager); - } - - @Override // TlsManager - public Optional trustManager() { - return Optional.ofNullable(trustManager); - } - private void shutdown(Object event) { try { LOGGER.log(System.Logger.Level.DEBUG, "Shutting down"); @@ -133,11 +121,6 @@ private void shutdown(Object event) { } } -// @Override // RuntimeType - OciCertificatesTlsManagerConfig prototype() { - return cfg; - } - // ConfiguredTlsManager private void maybeReload() { if (loadContext(false)) { 
@@ -206,9 +189,6 @@ boolean loadContext(boolean initialLoad) { throw new RuntimeException("Unable to find X.509 trust manager in download: " + cfg.certOcid()); } - this.keyManager = keyManager.get(); - this.trustManager = trustManager.get(); - if (initialLoad) { initSslContext(tlsConfig, kmf.getKeyManagers(), tmf.getTrustManagers()); } else { diff --git a/webserver/webserver/src/main/java/io/helidon/webserver/ConfiguredTlsManager.java b/webserver/webserver/src/main/java/io/helidon/webserver/ConfiguredTlsManager.java index 2116065977f..506cdc6967a 100644 --- a/webserver/webserver/src/main/java/io/helidon/webserver/ConfiguredTlsManager.java +++ b/webserver/webserver/src/main/java/io/helidon/webserver/ConfiguredTlsManager.java @@ -27,7 +27,6 @@ import java.util.LinkedHashSet; import java.util.List; import java.util.Objects; -import java.util.Optional; import java.util.Set; import java.util.function.Consumer; @@ -37,8 +36,6 @@ import javax.net.ssl.SSLSessionContext; import javax.net.ssl.TrustManager; import javax.net.ssl.TrustManagerFactory; -import javax.net.ssl.X509KeyManager; -import javax.net.ssl.X509TrustManager; import io.helidon.common.LazyValue; import io.helidon.common.pki.KeyConfig; @@ -102,16 +99,6 @@ public void subscribe(Consumer sslContextConsumer) { sslContextConsumers.add(Objects.requireNonNull(sslContextConsumer)); } - @Override // TlsManager - public Optional keyManager() { - return Optional.empty(); - } - - @Override // TlsManager - public Optional trustManager() { - return Optional.empty(); - } - @Override // TlsManager public void init(WebServerTls tlsConfig) { SSLContext explicitSslContext = tlsConfig.explicitSslContext().orElse(null); @@ -120,7 +107,7 @@ public void init(WebServerTls tlsConfig) { return; } - if (null == tlsConfig.privateKeyConfig()) { + if (tlsConfig.privateKeyConfig() == null) { throw new IllegalStateException("Private key must be configured when SSL is enabled."); } 
diff --git a/webserver/webserver/src/main/java/io/helidon/webserver/TlsManager.java b/webserver/webserver/src/main/java/io/helidon/webserver/TlsManager.java index 2339ac2f5e7..141fd042e88 100644 --- a/webserver/webserver/src/main/java/io/helidon/webserver/TlsManager.java +++ b/webserver/webserver/src/main/java/io/helidon/webserver/TlsManager.java @@ -16,12 +16,9 @@ package io.helidon.webserver; -import java.util.Optional; import java.util.function.Consumer; import javax.net.ssl.SSLContext; -import javax.net.ssl.X509KeyManager; -import javax.net.ssl.X509TrustManager; /** * Implementors of this contract are responsible for managing the {@link javax.net.ssl.SSLContext} instance lifecycle. When the @@ -58,18 +55,4 @@ public interface TlsManager { */ SSLContext sslContext(); - /** - * The key manager in use, if available. - * - * @return key manager - */ - Optional keyManager(); - - /** - * The trust manager in use, if available. - * - * @return trust manager - */ - Optional trustManager(); - } diff --git a/webserver/webserver/src/main/java/io/helidon/webserver/WebServerTls.java b/webserver/webserver/src/main/java/io/helidon/webserver/WebServerTls.java index 5057c774fe8..4463efc8db9 100644 --- a/webserver/webserver/src/main/java/io/helidon/webserver/WebServerTls.java +++ b/webserver/webserver/src/main/java/io/helidon/webserver/WebServerTls.java @@ -55,8 +55,8 @@ public final class WebServerTls { private final Set enabledTlsProtocols; private final Set cipherSuite; private final SSLContext explicitSslContext; - private KeyConfig privateKeyConfig; - private KeyConfig trustConfig; + private final KeyConfig privateKeyConfig; + private final KeyConfig trustConfig; private final boolean trustAll; private final int sessionCacheSize; private final int sessionTimeoutSeconds;
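Review bot: In the WebServerTls hunk, `privateKeyConfig` and `trustConfig` become `final`, but nothing at the declarations says that `privateKeyConfig` may legitimately be null. The ConfiguredTlsManager.init hunk in this same commit still tests `tlsConfig.privateKeyConfig() == null` and throws IllegalStateException, so null is a real state that is now fixed for the life of the object. I would document that on the field, for example `// null means no private key is configured; ConfiguredTlsManager.init checks for this`, and add a matching comment on `trustConfig` once its null meaning is confirmed. The constructor and builder that assign these fields are outside the hunk, so whether every construction path sets both fields exactly once cannot be verified from here.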