Class ReloadableSslContext

java.lang.Object

com.loomcache.common.config.ReloadableSslContext

public class ReloadableSslContext
extends Object

Thread-safe wrapper around SSLContext that supports hot-reload of certificates.

Delegates all operations to the current SSLContext via an AtomicReference. When certificates are reloaded, the reference is atomically updated.

Existing connections continue using the old context (SSLEngine holds a copy). New connections will use the newly loaded context.

Note: This class uses delegation rather than inheritance because SSLContext methods such as createSSLEngine are final starting from JDK 24.

Since:

1.0

Constructor Summary

Constructors

Constructor	Description
ReloadableSslContext(SSLContext initialContext)	Create a reloadable SSL context wrapper.

Method Summary

Modifier and Type	Method	Description
SSLEngine	createSSLEngine()	Create an SSLEngine for a client connection.
SSLEngine	createSSLEngine(String peerHost, int peerPort)	Create an SSLEngine for a client connection with specified host and port.
SSLSessionContext	getClientSessionContext()	Get the default SSL session context for client connections.
SSLContext	getDelegate()	Get the underlying (current) SSLContext.
SSLSessionContext	getServerSessionContext()	Get the default SSL session context for server connections.
void	reload(SSLContext newContext)	Atomically reload with a new SSLContext.

Methods inherited from class Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

ReloadableSslContext

public ReloadableSslContext(SSLContext initialContext)

Create a reloadable SSL context wrapper.

Parameters:

initialContext - the initial SSLContext to wrap

Throws:

NullPointerException - if initialContext is null

Method Details

reload

public void reload(SSLContext newContext)

Atomically reload with a new SSLContext. Existing connections will continue using their original context. New connections will use the newly set context.

Parameters:

newContext - the new SSLContext to use for new connections

Throws:

NullPointerException - if newContext is null

createSSLEngine

public SSLEngine createSSLEngine()

Create an SSLEngine for a client connection. Uses the current SSLContext.

Returns:

a new SSLEngine from the current context

createSSLEngine

public SSLEngine createSSLEngine(String peerHost,
 int peerPort)

Create an SSLEngine for a client connection with specified host and port. Uses the current SSLContext.

Parameters:

peerHost - the non-authoritative name of the host

peerPort - the non-authoritative port

Returns:

a new SSLEngine from the current context

getClientSessionContext

public SSLSessionContext getClientSessionContext()

Get the default SSL session context for client connections.

Returns:

the client SSLSessionContext

getServerSessionContext

public SSLSessionContext getServerSessionContext()

Get the default SSL session context for server connections.

Returns:

the server SSLSessionContext

getDelegate

public SSLContext getDelegate()

Get the underlying (current) SSLContext. Useful for operations that need direct access (like socket creation).

Returns:

the current SSLContext delegate