org.apache.flink.runtime.io.network.netty.SSLHandlerFactory Java Examples

/**
 * Creates a SSLEngineFactory to be used by internal communication server endpoints.
 */
public static SSLHandlerFactory createInternalServerSSLEngineFactory(final Configuration config) throws Exception {
	SSLContext sslContext = createInternalSSLContext(config);
	if (sslContext == null) {
		throw new IllegalConfigurationException("SSL is not enabled for internal communication.");
	}

	return new SSLHandlerFactory(
			sslContext,
			getEnabledProtocols(config),
			getEnabledCipherSuites(config),
			false,
			true,
			config.getInteger(SecurityOptions.SSL_INTERNAL_HANDSHAKE_TIMEOUT),
			config.getInteger(SecurityOptions.SSL_INTERNAL_CLOSE_NOTIFY_FLUSH_TIMEOUT));
}
 

/**
 * Creates and returns a new {@link RestClientConfiguration} from the given {@link Configuration}.
 *
 * @param config configuration from which the REST client endpoint configuration should be created from
 * @return REST client endpoint configuration
 * @throws ConfigurationException if SSL was configured incorrectly
 */

public static RestClientConfiguration fromConfiguration(Configuration config) throws ConfigurationException {
	Preconditions.checkNotNull(config);

	final SSLHandlerFactory sslHandlerFactory;
	if (SSLUtils.isRestSSLEnabled(config)) {
		try {
			sslHandlerFactory = SSLUtils.createRestClientSSLEngineFactory(config);
		} catch (Exception e) {
			throw new ConfigurationException("Failed to initialize SSLContext for the REST client", e);
		}
	} else {
		sslHandlerFactory = null;
	}

	final long connectionTimeout = config.getLong(RestOptions.CONNECTION_TIMEOUT);

	final long idlenessTimeout = config.getLong(RestOptions.IDLENESS_TIMEOUT);

	int maxContentLength = config.getInteger(RestOptions.CLIENT_MAX_CONTENT_LENGTH);

	return new RestClientConfiguration(sslHandlerFactory, connectionTimeout, idlenessTimeout, maxContentLength);
}
 

private RestServerEndpointConfiguration(
		final String restAddress,
		@Nullable String restBindAddress,
		String restBindPortRange,
		@Nullable SSLHandlerFactory sslHandlerFactory,
		final Path uploadDir,
		final int maxContentLength,
		final Map<String, String> responseHeaders) {

	Preconditions.checkArgument(maxContentLength > 0, "maxContentLength must be positive, was: %s", maxContentLength);

	this.restAddress = requireNonNull(restAddress);
	this.restBindAddress = restBindAddress;
	this.restBindPortRange = requireNonNull(restBindPortRange);
	this.sslHandlerFactory = sslHandlerFactory;
	this.uploadDir = requireNonNull(uploadDir);
	this.maxContentLength = maxContentLength;
	this.responseHeaders = Collections.unmodifiableMap(requireNonNull(responseHeaders));
}
 

/**
 * Tests that {@link SSLHandlerFactory} is created correctly.
 */
@Test
public void testCreateSSLEngineFactory() throws Exception {
	Configuration serverConfig = createInternalSslConfigWithKeyAndTrustStores();

	// set custom protocol and cipher suites
	serverConfig.setString(SecurityOptions.SSL_PROTOCOL, "TLSv1");
	serverConfig.setString(SecurityOptions.SSL_ALGORITHMS, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256");

	final SSLHandlerFactory serverSSLHandlerFactory = SSLUtils.createInternalServerSSLEngineFactory(serverConfig);
	final SslHandler sslHandler = serverSSLHandlerFactory.createNettySSLHandler();

	assertEquals(1, sslHandler.engine().getEnabledProtocols().length);
	assertEquals("TLSv1", sslHandler.engine().getEnabledProtocols()[0]);

	assertEquals(2, sslHandler.engine().getEnabledCipherSuites().length);
	assertThat(sslHandler.engine().getEnabledCipherSuites(), arrayContainingInAnyOrder(
			"TLS_DHE_RSA_WITH_AES_128_CBC_SHA", "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"));
}
 

private RestServerEndpointConfiguration(
		final String restAddress,
		@Nullable String restBindAddress,
		String restBindPortRange,
		@Nullable SSLHandlerFactory sslHandlerFactory,
		final Path uploadDir,
		final int maxContentLength,
		final Map<String, String> responseHeaders) {

	Preconditions.checkArgument(maxContentLength > 0, "maxContentLength must be positive, was: %s", maxContentLength);

	this.restAddress = requireNonNull(restAddress);
	this.restBindAddress = restBindAddress;
	this.restBindPortRange = requireNonNull(restBindPortRange);
	this.sslHandlerFactory = sslHandlerFactory;
	this.uploadDir = requireNonNull(uploadDir);
	this.maxContentLength = maxContentLength;
	this.responseHeaders = Collections.unmodifiableMap(requireNonNull(responseHeaders));
}
 

/**
 * Creates a {@link SSLHandlerFactory} to be used by the REST Clients.
 *
 * @param config The application configuration.
 */
public static SSLHandlerFactory createRestClientSSLEngineFactory(final Configuration config) throws Exception {
	SSLContext sslContext = createRestClientSSLContext(config);
	if (sslContext == null) {
		throw new IllegalConfigurationException("SSL is not enabled for REST endpoints.");
	}

	return new SSLHandlerFactory(
			sslContext,
			getEnabledProtocols(config),
			getEnabledCipherSuites(config),
			true,
			isRestSSLAuthenticationEnabled(config),
			-1,
			-1);
}
 

/**
 * Creates a {@link SSLHandlerFactory} to be used by the REST Servers.
 *
 * @param config The application configuration.
 */
public static SSLHandlerFactory createRestServerSSLEngineFactory(final Configuration config) throws Exception {
	SSLContext sslContext = createRestServerSSLContext(config);
	if (sslContext == null) {
		throw new IllegalConfigurationException("SSL is not enabled for REST endpoints.");
	}

	return new SSLHandlerFactory(
			sslContext,
			getEnabledProtocols(config),
			getEnabledCipherSuites(config),
			false,
			isRestSSLAuthenticationEnabled(config),
			-1,
			-1);
}
 

/**
 * Creates a SSLEngineFactory to be used by internal communication client endpoints.
 */
public static SSLHandlerFactory createInternalClientSSLEngineFactory(final Configuration config) throws Exception {
	SSLContext sslContext = createInternalSSLContext(config);
	if (sslContext == null) {
		throw new IllegalConfigurationException("SSL is not enabled for internal communication.");
	}

	return new SSLHandlerFactory(
			sslContext,
			getEnabledProtocols(config),
			getEnabledCipherSuites(config),
			true,
			true,
			config.getInteger(SecurityOptions.SSL_INTERNAL_HANDSHAKE_TIMEOUT),
			config.getInteger(SecurityOptions.SSL_INTERNAL_CLOSE_NOTIFY_FLUSH_TIMEOUT));
}
 

/**
 * Creates and returns a new {@link RestClientConfiguration} from the given {@link Configuration}.
 *
 * @param config configuration from which the REST client endpoint configuration should be created from
 * @return REST client endpoint configuration
 * @throws ConfigurationException if SSL was configured incorrectly
 */

public static RestClientConfiguration fromConfiguration(Configuration config) throws ConfigurationException {
	Preconditions.checkNotNull(config);

	final SSLHandlerFactory sslHandlerFactory;
	if (SSLUtils.isRestSSLEnabled(config)) {
		try {
			sslHandlerFactory = SSLUtils.createRestClientSSLEngineFactory(config);
		} catch (Exception e) {
			throw new ConfigurationException("Failed to initialize SSLContext for the REST client", e);
		}
	} else {
		sslHandlerFactory = null;
	}

	final long connectionTimeout = config.getLong(RestOptions.CONNECTION_TIMEOUT);

	final long idlenessTimeout = config.getLong(RestOptions.IDLENESS_TIMEOUT);

	int maxContentLength = config.getInteger(RestOptions.CLIENT_MAX_CONTENT_LENGTH);

	return new RestClientConfiguration(sslHandlerFactory, connectionTimeout, idlenessTimeout, maxContentLength);
}
 

/**
 * Creates and returns a new {@link RestClientConfiguration} from the given {@link Configuration}.
 *
 * @param config configuration from which the REST client endpoint configuration should be created from
 * @return REST client endpoint configuration
 * @throws ConfigurationException if SSL was configured incorrectly
 */

public static RestClientConfiguration fromConfiguration(Configuration config) throws ConfigurationException {
	Preconditions.checkNotNull(config);

	final SSLHandlerFactory sslHandlerFactory;
	if (SSLUtils.isRestSSLEnabled(config)) {
		try {
			sslHandlerFactory = SSLUtils.createRestClientSSLEngineFactory(config);
		} catch (Exception e) {
			throw new ConfigurationException("Failed to initialize SSLContext for the REST client", e);
		}
	} else {
		sslHandlerFactory = null;
	}

	final long connectionTimeout = config.getLong(RestOptions.CONNECTION_TIMEOUT);

	final long idlenessTimeout = config.getLong(RestOptions.IDLENESS_TIMEOUT);

	int maxContentLength = config.getInteger(RestOptions.CLIENT_MAX_CONTENT_LENGTH);

	return new RestClientConfiguration(sslHandlerFactory, connectionTimeout, idlenessTimeout, maxContentLength);
}
 

private RestServerEndpointConfiguration(
		final String restAddress,
		@Nullable String restBindAddress,
		String restBindPortRange,
		@Nullable SSLHandlerFactory sslHandlerFactory,
		final Path uploadDir,
		final int maxContentLength,
		final Map<String, String> responseHeaders) {

	Preconditions.checkArgument(maxContentLength > 0, "maxContentLength must be positive, was: %d", maxContentLength);

	this.restAddress = requireNonNull(restAddress);
	this.restBindAddress = restBindAddress;
	this.restBindPortRange = requireNonNull(restBindPortRange);
	this.sslHandlerFactory = sslHandlerFactory;
	this.uploadDir = requireNonNull(uploadDir);
	this.maxContentLength = maxContentLength;
	this.responseHeaders = Collections.unmodifiableMap(requireNonNull(responseHeaders));
}
 

public RedirectingSslHandler(
	@Nonnull String confRedirectHost,
	@Nonnull CompletableFuture<String> redirectBaseUrl,
	@Nonnull SSLHandlerFactory sslHandlerFactory) {
	this.confRedirectBaseUrl = "https://" + confRedirectHost + ":";
	this.redirectBaseUrl = redirectBaseUrl;
	this.sslHandlerFactory = sslHandlerFactory;
}
 

/**
 * Tests that {@link SSLHandlerFactory} is created correctly.
 */
@Test
public void testCreateSSLEngineFactory() throws Exception {
	Configuration serverConfig = createInternalSslConfigWithKeyAndTrustStores();
	final String[] sslAlgorithms;
	final String[] expectedSslProtocols;
	if (sslProvider.equalsIgnoreCase("OPENSSL")) {
		// openSSL does not support the same set of cipher algorithms!
		sslAlgorithms = new String[] {"TLS_RSA_WITH_AES_128_GCM_SHA256", "TLS_RSA_WITH_AES_256_GCM_SHA384"};
		expectedSslProtocols = new String[] {"SSLv2Hello", "TLSv1"};
	} else {
		sslAlgorithms = new String[] {"TLS_DHE_RSA_WITH_AES_128_CBC_SHA", "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"};
		expectedSslProtocols = new String[] {"TLSv1"};
	}

	// set custom protocol and cipher suites
	serverConfig.setString(SecurityOptions.SSL_PROTOCOL, "TLSv1");
	serverConfig.setString(SecurityOptions.SSL_ALGORITHMS, String.join(",", sslAlgorithms));

	final SSLHandlerFactory serverSSLHandlerFactory = SSLUtils.createInternalServerSSLEngineFactory(serverConfig);
	final SslHandler sslHandler = serverSSLHandlerFactory.createNettySSLHandler(UnpooledByteBufAllocator.DEFAULT);

	assertEquals(expectedSslProtocols.length, sslHandler.engine().getEnabledProtocols().length);
	assertThat(
		sslHandler.engine().getEnabledProtocols(),
		arrayContainingInAnyOrder(expectedSslProtocols));

	assertEquals(sslAlgorithms.length, sslHandler.engine().getEnabledCipherSuites().length);
	assertThat(
		sslHandler.engine().getEnabledCipherSuites(),
		arrayContainingInAnyOrder(sslAlgorithms));
}
 

private RestClientConfiguration(
		@Nullable final SSLHandlerFactory sslHandlerFactory,
		final long connectionTimeout,
		final long idlenessTimeout,
		final int maxContentLength) {
	checkArgument(maxContentLength > 0, "maxContentLength must be positive, was: %s", maxContentLength);
	this.sslHandlerFactory = sslHandlerFactory;
	this.connectionTimeout = connectionTimeout;
	this.idlenessTimeout = idlenessTimeout;
	this.maxContentLength = maxContentLength;
}
 

/**
 * Tests that REST Server SSL Engine is created given a valid SSL configuration.
 */
@Test
public void testRESTServerSSL() throws Exception {
	Configuration serverConfig = createRestSslConfigWithKeyStore();

	SSLHandlerFactory ssl = SSLUtils.createRestServerSSLEngineFactory(serverConfig);
	assertNotNull(ssl);
}
 

/**
 * Tests if REST Client SSL is created given a valid SSL configuration.
 */
@Test
public void testRESTClientSSL() throws Exception {
	Configuration clientConfig = createRestSslConfigWithTrustStore();

	SSLHandlerFactory ssl = SSLUtils.createRestClientSSLEngineFactory(clientConfig);
	assertNotNull(ssl);
}
 

/**
 * Creates a {@link SSLHandlerFactory} to be used by the REST Clients.
 *
 * @param config The application configuration.
 */
public static SSLHandlerFactory createRestClientSSLEngineFactory(final Configuration config) throws Exception {
	ClientAuth clientAuth = isRestSSLAuthenticationEnabled(config) ? ClientAuth.REQUIRE : ClientAuth.NONE;
	SslContext sslContext = createRestNettySSLContext(config, true, clientAuth);
	if (sslContext == null) {
		throw new IllegalConfigurationException("SSL is not enabled for REST endpoints.");
	}

	return new SSLHandlerFactory(
			sslContext,
			-1,
			-1);
}
 

public RestClient(RestClientConfiguration configuration, Executor executor) {
	Preconditions.checkNotNull(configuration);
	this.executor = Preconditions.checkNotNull(executor);
	this.terminationFuture = new CompletableFuture<>();

	final SSLHandlerFactory sslHandlerFactory = configuration.getSslHandlerFactory();
	ChannelInitializer<SocketChannel> initializer = new ChannelInitializer<SocketChannel>() {
		@Override
		protected void initChannel(SocketChannel socketChannel) {
			try {
				// SSL should be the first handler in the pipeline
				if (sslHandlerFactory != null) {
					socketChannel.pipeline().addLast("ssl", sslHandlerFactory.createNettySSLHandler(socketChannel.alloc()));
				}

				socketChannel.pipeline()
					.addLast(new HttpClientCodec())
					.addLast(new HttpObjectAggregator(configuration.getMaxContentLength()))
					.addLast(new ChunkedWriteHandler()) // required for multipart-requests
					.addLast(new IdleStateHandler(configuration.getIdlenessTimeout(), configuration.getIdlenessTimeout(), configuration.getIdlenessTimeout(), TimeUnit.MILLISECONDS))
					.addLast(new ClientHandler());
			} catch (Throwable t) {
				t.printStackTrace();
				ExceptionUtils.rethrow(t);
			}
		}
	};
	NioEventLoopGroup group = new NioEventLoopGroup(1, new ExecutorThreadFactory("flink-rest-client-netty"));

	bootstrap = new Bootstrap();
	bootstrap
		.option(ChannelOption.CONNECT_TIMEOUT_MILLIS, Math.toIntExact(configuration.getConnectionTimeout()))
		.group(group)
		.channel(NioSocketChannel.class)
		.handler(initializer);

	LOG.debug("Rest client endpoint started.");
}
 

public RedirectingSslHandler(
	@Nonnull String confRedirectHost,
	@Nonnull CompletableFuture<String> redirectBaseUrl,
	@Nonnull SSLHandlerFactory sslHandlerFactory) {
	this.confRedirectBaseUrl = "https://" + confRedirectHost + ":";
	this.redirectBaseUrl = redirectBaseUrl;
	this.sslHandlerFactory = sslHandlerFactory;
}
 

/**
 * Creates a SSLEngineFactory to be used by internal communication server endpoints.
 */
public static SSLHandlerFactory createInternalServerSSLEngineFactory(final Configuration config) throws Exception {
	SslContext sslContext = createInternalNettySSLContext(config, false);
	if (sslContext == null) {
		throw new IllegalConfigurationException("SSL is not enabled for internal communication.");
	}

	return new SSLHandlerFactory(
			sslContext,
			config.getInteger(SecurityOptions.SSL_INTERNAL_HANDSHAKE_TIMEOUT),
			config.getInteger(SecurityOptions.SSL_INTERNAL_CLOSE_NOTIFY_FLUSH_TIMEOUT));
}
 

/**
 * Creates a SSLEngineFactory to be used by internal communication client endpoints.
 */
public static SSLHandlerFactory createInternalClientSSLEngineFactory(final Configuration config) throws Exception {
	SslContext sslContext = createInternalNettySSLContext(config, true);
	if (sslContext == null) {
		throw new IllegalConfigurationException("SSL is not enabled for internal communication.");
	}

	return new SSLHandlerFactory(
			sslContext,
			config.getInteger(SecurityOptions.SSL_INTERNAL_HANDSHAKE_TIMEOUT),
			config.getInteger(SecurityOptions.SSL_INTERNAL_CLOSE_NOTIFY_FLUSH_TIMEOUT));
}
 

/**
 * Creates a {@link SSLHandlerFactory} to be used by the REST Servers.
 *
 * @param config The application configuration.
 */
public static SSLHandlerFactory createRestServerSSLEngineFactory(final Configuration config) throws Exception {
	ClientAuth clientAuth = isRestSSLAuthenticationEnabled(config) ? ClientAuth.REQUIRE : ClientAuth.NONE;
	SslContext sslContext = createRestNettySSLContext(config, false, clientAuth);
	if (sslContext == null) {
		throw new IllegalConfigurationException("SSL is not enabled for REST endpoints.");
	}

	return new SSLHandlerFactory(
			sslContext,
			-1,
			-1);
}
 

/**
 * Creates a {@link SSLHandlerFactory} to be used by the REST Clients.
 *
 * @param config The application configuration.
 */
public static SSLHandlerFactory createRestClientSSLEngineFactory(final Configuration config) throws Exception {
	ClientAuth clientAuth = isRestSSLAuthenticationEnabled(config) ? ClientAuth.REQUIRE : ClientAuth.NONE;
	SslContext sslContext = createRestNettySSLContext(config, true, clientAuth);
	if (sslContext == null) {
		throw new IllegalConfigurationException("SSL is not enabled for REST endpoints.");
	}

	return new SSLHandlerFactory(
			sslContext,
			-1,
			-1);
}
 

/**
 * Tests if REST Client SSL is created given a valid SSL configuration.
 */
@Test
public void testRESTClientSSL() throws Exception {
	Configuration clientConfig = createRestSslConfigWithTrustStore();

	SSLHandlerFactory ssl = SSLUtils.createRestClientSSLEngineFactory(clientConfig);
	assertNotNull(ssl);
}
 

/**
 * Tests that REST Server SSL Engine is created given a valid SSL configuration.
 */
@Test
public void testRESTServerSSL() throws Exception {
	Configuration serverConfig = createRestSslConfigWithKeyStore();

	SSLHandlerFactory ssl = SSLUtils.createRestServerSSLEngineFactory(serverConfig);
	assertNotNull(ssl);
}
 

/**
 * Tests that {@link SSLHandlerFactory} is created correctly.
 */
@Test
public void testCreateSSLEngineFactory() throws Exception {
	Configuration serverConfig = createInternalSslConfigWithKeyAndTrustStores();
	final String[] sslAlgorithms;
	final String[] expectedSslProtocols;
	if (sslProvider.equalsIgnoreCase("OPENSSL")) {
		// openSSL does not support the same set of cipher algorithms!
		sslAlgorithms = new String[] {"TLS_RSA_WITH_AES_128_GCM_SHA256", "TLS_RSA_WITH_AES_256_GCM_SHA384"};
		expectedSslProtocols = new String[] {"SSLv2Hello", "TLSv1"};
	} else {
		sslAlgorithms = new String[] {"TLS_DHE_RSA_WITH_AES_128_CBC_SHA", "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"};
		expectedSslProtocols = new String[] {"TLSv1"};
	}

	// set custom protocol and cipher suites
	serverConfig.setString(SecurityOptions.SSL_PROTOCOL, "TLSv1");
	serverConfig.setString(SecurityOptions.SSL_ALGORITHMS, String.join(",", sslAlgorithms));

	final SSLHandlerFactory serverSSLHandlerFactory = SSLUtils.createInternalServerSSLEngineFactory(serverConfig);
	final SslHandler sslHandler = serverSSLHandlerFactory.createNettySSLHandler(UnpooledByteBufAllocator.DEFAULT);

	assertEquals(expectedSslProtocols.length, sslHandler.engine().getEnabledProtocols().length);
	assertThat(
		sslHandler.engine().getEnabledProtocols(),
		arrayContainingInAnyOrder(expectedSslProtocols));

	assertEquals(sslAlgorithms.length, sslHandler.engine().getEnabledCipherSuites().length);
	assertThat(
		sslHandler.engine().getEnabledCipherSuites(),
		arrayContainingInAnyOrder(sslAlgorithms));
}
 

/**
 * Creates a SSLEngineFactory to be used by internal communication client endpoints.
 */
public static SSLHandlerFactory createInternalClientSSLEngineFactory(final Configuration config) throws Exception {
	SslContext sslContext = createInternalNettySSLContext(config, true);
	if (sslContext == null) {
		throw new IllegalConfigurationException("SSL is not enabled for internal communication.");
	}

	return new SSLHandlerFactory(
			sslContext,
			config.getInteger(SecurityOptions.SSL_INTERNAL_HANDSHAKE_TIMEOUT),
			config.getInteger(SecurityOptions.SSL_INTERNAL_CLOSE_NOTIFY_FLUSH_TIMEOUT));
}
 

/**
 * Creates a SSLEngineFactory to be used by internal communication server endpoints.
 */
public static SSLHandlerFactory createInternalServerSSLEngineFactory(final Configuration config) throws Exception {
	SslContext sslContext = createInternalNettySSLContext(config, false);
	if (sslContext == null) {
		throw new IllegalConfigurationException("SSL is not enabled for internal communication.");
	}

	return new SSLHandlerFactory(
			sslContext,
			config.getInteger(SecurityOptions.SSL_INTERNAL_HANDSHAKE_TIMEOUT),
			config.getInteger(SecurityOptions.SSL_INTERNAL_CLOSE_NOTIFY_FLUSH_TIMEOUT));
}
 

public RestClient(RestClientConfiguration configuration, Executor executor) {
	Preconditions.checkNotNull(configuration);
	this.executor = Preconditions.checkNotNull(executor);
	this.terminationFuture = new CompletableFuture<>();

	final SSLHandlerFactory sslHandlerFactory = configuration.getSslHandlerFactory();
	ChannelInitializer<SocketChannel> initializer = new ChannelInitializer<SocketChannel>() {
		@Override
		protected void initChannel(SocketChannel socketChannel) {
			try {
				// SSL should be the first handler in the pipeline
				if (sslHandlerFactory != null) {
					socketChannel.pipeline().addLast("ssl", sslHandlerFactory.createNettySSLHandler(socketChannel.alloc()));
				}

				socketChannel.pipeline()
					.addLast(new HttpClientCodec())
					.addLast(new HttpObjectAggregator(configuration.getMaxContentLength()))
					.addLast(new ChunkedWriteHandler()) // required for multipart-requests
					.addLast(new IdleStateHandler(configuration.getIdlenessTimeout(), configuration.getIdlenessTimeout(), configuration.getIdlenessTimeout(), TimeUnit.MILLISECONDS))
					.addLast(new ClientHandler());
			} catch (Throwable t) {
				t.printStackTrace();
				ExceptionUtils.rethrow(t);
			}
		}
	};
	NioEventLoopGroup group = new NioEventLoopGroup(1, new ExecutorThreadFactory("flink-rest-client-netty"));

	bootstrap = new Bootstrap();
	bootstrap
		.option(ChannelOption.CONNECT_TIMEOUT_MILLIS, Math.toIntExact(configuration.getConnectionTimeout()))
		.group(group)
		.channel(NioSocketChannel.class)
		.handler(initializer);

	LOG.info("Rest client endpoint started.");
}
 

private RestClientConfiguration(
		@Nullable final SSLHandlerFactory sslHandlerFactory,
		final long connectionTimeout,
		final long idlenessTimeout,
		final int maxContentLength) {
	checkArgument(maxContentLength > 0, "maxContentLength must be positive, was: %d", maxContentLength);
	this.sslHandlerFactory = sslHandlerFactory;
	this.connectionTimeout = connectionTimeout;
	this.idlenessTimeout = idlenessTimeout;
	this.maxContentLength = maxContentLength;
}