SSLTermination (jclouds Rackspace Cloud Load Balancers API 1.8.0 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.jclouds.rackspace.cloudloadbalancers.v1.domain
Class SSLTermination

java.lang.Object
  org.jclouds.rackspace.cloudloadbalancers.v1.domain.SSLTermination

public class SSLTermination
extends Object
extends Object

The SSL Termination feature allows a load balancer user to terminate SSL traffic at the load balancer layer versus at the web server layer. A user may choose to configure SSL Termination using a key and an SSL certificate or an (Intermediate) SSL certificate.

When SSL Termination is configured on a load balancer, a secure shadow server is created that listens only for secure traffic on a user-specified port. This shadow server is only visible to and manageable by the system. Existing or updated attributes on a load balancer with SSL Termination will also apply to its shadow server. For example, if Connection Logging is enabled on an SSL load balancer, it will also be enabled on the shadow server and Cloud Files logs will contain log files for both.

Notes

SSL Termination may only be configured on load balancers with non-secure protocols. For example, SSL Termination can be applied to an HTTP load balancer, but not to an HTTPS load balancer.
SSL-terminated load balancers decrypt the traffic at the traffic manager and pass unencrypted traffic to the back-end node. Because of this, the customer's back-end nodes don't know what protocol the client requested. Therefore the X-Forwarded-Proto (XFP) header has been added for identifying the originating protocol of an HTTP request as "http" or "https" depending on what protocol the client requested.
Not every service will return certificates in the proper order. Please verify that your chain of certificates matches that of walking up the chain from the domain to the CA root.

Warning

If SSL is enabled on a load balancer that is configured with nodes that are NOT in the same datacenter, then decrypted traffic will be sent in clear text over the public internet to the external node(s) and will no longer be secure.

Optional SSL Attributes
Optional SSL Attributes	Non-SSL Traffic	SSL Traffic
`enabled` = `true` (default)	Yes	Yes
`enabled` = `false`	Yes	No
`secureTrafficOnly` = `true`	No	Yes
`secureTrafficOnly` = `false` (default)	Yes	Yes
`enabled` = `true` `secureTrafficOnly` = `true`	No	Yes
`enabled` = `true` `secureTrafficOnly` = `false`	Yes	Yes
`enabled` = `false` `secureTrafficOnly` = `false`	Yes	No
`enabled` = `false` `secureTrafficOnly` = `true`	Yes	No

Nested Class Summary
`static class`	`SSLTermination.Builder`

Constructor Summary
`protected`	`SSLTermination(boolean enabled, boolean secureTrafficOnly, int securePort, String certificate, String privateKey, String intermediateCertificate)`

Method Summary
`static SSLTermination.Builder`	`builder()`
`boolean`	`equals(Object obj)`
`com.google.common.base.Optional<String>`	`getCertificate()`
`boolean`	`getEnabled()`
`com.google.common.base.Optional<String>`	`getIntermediateCertificate()`
`com.google.common.base.Optional<String>`	`getPrivateKey()`
`int`	`getSecurePort()`
`boolean`	`getSecureTrafficOnly()`
`int`	`hashCode()`
`protected com.google.common.base.Objects.ToStringHelper`	`string()`
`SSLTermination.Builder`	`toBuilder()`
`String`	`toString()`

Methods inherited from class java.lang.Object
`clone, finalize, getClass, notify, notifyAll, wait, wait, wait`

Constructor Detail

SSLTermination

@ConstructorProperties(value={"enabled","secureTrafficOnly","securePort","certificate","privatekey","intermediateCertificate"})
protected SSLTermination(boolean enabled,
                                                    boolean secureTrafficOnly,
                                                    int securePort,
                                                    String certificate,
                                                    String privateKey,
                                                    String intermediateCertificate)

Method Detail

getEnabled

public boolean getEnabled()

getSecureTrafficOnly

public boolean getSecureTrafficOnly()

getSecurePort

public int getSecurePort()

getCertificate

public com.google.common.base.Optional<String> getCertificate()

getPrivateKey

public com.google.common.base.Optional<String> getPrivateKey()

getIntermediateCertificate

public com.google.common.base.Optional<String> getIntermediateCertificate()

hashCode

public int hashCode()

Overrides:: hashCode in class Object

equals

public boolean equals(Object obj)

Overrides:: equals in class Object

string

protected com.google.common.base.Objects.ToStringHelper string()

toString

public String toString()

Overrides:: toString in class Object

builder

public static SSLTermination.Builder builder()

toBuilder

public SSLTermination.Builder toBuilder()