@@ -651,6 +651,89 @@ public List<Setting<?>> getSettings() {
651651 )
652652 );
653653
654+ /**
655+ * TLS settings for aux transports.
656+ */
657+ settings .add (
658+ Setting .boolSetting (
659+ SSLConfigConstants .SECURITY_SSL_AUX_ENABLE_OPENSSL_IF_AVAILABLE ,
660+ OPENSSL_SUPPORTED ,
661+ Property .NodeScope ,
662+ Property .Filtered
663+ )
664+ );
665+ settings .add (
666+ Setting .boolSetting (
667+ SSLConfigConstants .SECURITY_SSL_AUX_ENABLED ,
668+ SSLConfigConstants .SECURITY_SSL_AUX_ENABLED_DEFAULT ,
669+ Property .NodeScope ,
670+ Property .Filtered
671+ )
672+ );
673+ settings .add (
674+ Setting .listSetting (
675+ SSLConfigConstants .SECURITY_SSL_AUX_ENABLED_CIPHERS ,
676+ Collections .emptyList (),
677+ Function .identity (),
678+ Property .NodeScope
679+ )
680+ );
681+ settings .add (
682+ Setting .listSetting (
683+ SSLConfigConstants .SECURITY_SSL_AUX_ENABLED_PROTOCOLS ,
684+ Collections .emptyList (),
685+ Function .identity (),
686+ Property .NodeScope
687+ )
688+ );
689+ settings .add (Setting .simpleString (SSLConfigConstants .SECURITY_SSL_AUX_CLIENTAUTH_MODE , Property .NodeScope , Property .Filtered ));
690+ settings .add (Setting .simpleString (SSLConfigConstants .SECURITY_SSL_AUX_KEYSTORE_ALIAS , Property .NodeScope , Property .Filtered ));
691+ settings .add (Setting .simpleString (SSLConfigConstants .SECURITY_SSL_AUX_KEYSTORE_FILEPATH , Property .NodeScope , Property .Filtered ));
692+ settings .add (Setting .simpleString (SSLConfigConstants .SECURITY_SSL_AUX_KEYSTORE_TYPE , Property .NodeScope , Property .Filtered ));
693+ settings .add (Setting .simpleString (SSLConfigConstants .SECURITY_SSL_AUX_TRUSTSTORE_ALIAS , Property .NodeScope , Property .Filtered ));
694+ settings .add (Setting .simpleString (SSLConfigConstants .SECURITY_SSL_AUX_TRUSTSTORE_FILEPATH , Property .NodeScope , Property .Filtered ));
695+ settings .add (Setting .simpleString (SSLConfigConstants .SECURITY_SSL_AUX_TRUSTSTORE_TYPE , Property .NodeScope , Property .Filtered ));
696+ settings .add (Setting .simpleString (SSLConfigConstants .SECURITY_SSL_AUX_PEMCERT_FILEPATH , Property .NodeScope , Property .Filtered ));
697+ settings .add (Setting .simpleString (SSLConfigConstants .SECURITY_SSL_AUX_PEMKEY_FILEPATH , Property .NodeScope , Property .Filtered ));
698+ settings .add (
699+ Setting .simpleString (SSLConfigConstants .SECURITY_SSL_AUX_PEMTRUSTEDCAS_FILEPATH , Property .NodeScope , Property .Filtered )
700+ );
701+ settings .add (Setting .simpleString (SSLConfigConstants .SECURITY_SSL_AUX_CRL_FILE , Property .NodeScope , Property .Filtered ));
702+ settings .add (Setting .boolSetting (SSLConfigConstants .SECURITY_SSL_AUX_CRL_VALIDATE , false , Property .NodeScope , Property .Filtered ));
703+ settings .add (
704+ Setting .boolSetting (
705+ SSLConfigConstants .SECURITY_SSL_AUX_CRL_PREFER_CRLFILE_OVER_OCSP ,
706+ false ,
707+ Property .NodeScope ,
708+ Property .Filtered
709+ )
710+ );
711+ settings .add (
712+ Setting .boolSetting (
713+ SSLConfigConstants .SECURITY_SSL_AUX_CRL_CHECK_ONLY_END_ENTITIES ,
714+ true ,
715+ Property .NodeScope ,
716+ Property .Filtered
717+ )
718+ );
719+ settings .add (
720+ Setting .boolSetting (SSLConfigConstants .SECURITY_SSL_AUX_CRL_DISABLE_CRLDP , false , Property .NodeScope , Property .Filtered )
721+ );
722+ settings .add (
723+ Setting .boolSetting (SSLConfigConstants .SECURITY_SSL_AUX_CRL_DISABLE_OCSP , false , Property .NodeScope , Property .Filtered )
724+ );
725+ settings .add (
726+ Setting .longSetting (SSLConfigConstants .SECURITY_SSL_AUX_CRL_VALIDATION_DATE , -1 , -1 , Property .NodeScope , Property .Filtered )
727+ );
728+ settings .add (
729+ Setting .boolSetting (
730+ SSLConfigConstants .SECURITY_SSL_AUX_ENFORCE_CERT_RELOAD_DN_VERIFICATION ,
731+ true ,
732+ Property .NodeScope ,
733+ Property .Filtered
734+ )
735+ );
736+
654737 return settings ;
655738 }
656739
0 commit comments