Class DotNettySslSetup
Programmatic setup for DotNetty SSL/TLS configuration. Provides a fluent API alternative to HOCON configuration.
Inherited Members
Namespace: Akka.Remote.Transport.DotNetty
Assembly: Akka.Remote.dll
Syntax
public sealed class DotNettySslSetup : SetupConstructors
| Edit this page View SourceDotNettySslSetup(X509Certificate2, bool)
Constructor for backward compatibility - defaults to RequireMutualAuthentication = true, ValidateCertificateHostname = false
Declaration
public DotNettySslSetup(X509Certificate2 certificate, bool suppressValidation)Parameters
| Type | Name | Description |
|---|---|---|
| X509Certificate2 | certificate | X509 certificate used to establish SSL/TLS |
| bool | suppressValidation | When true, suppresses certificate chain validation (use only for development/testing) |
DotNettySslSetup(X509Certificate2, bool, bool)
Constructor for backward compatibility - defaults to ValidateCertificateHostname = false
Declaration
public DotNettySslSetup(X509Certificate2 certificate, bool suppressValidation, bool requireMutualAuthentication)Parameters
| Type | Name | Description |
|---|---|---|
| X509Certificate2 | certificate | X509 certificate used to establish SSL/TLS |
| bool | suppressValidation | When true, suppresses certificate chain validation (use only for development/testing) |
| bool | requireMutualAuthentication | When true, requires mutual TLS authentication (both client and server present certificates) |
DotNettySslSetup(X509Certificate2, bool, bool, CertificateValidationCallback?)
Constructor with custom certificate validation callback
Declaration
public DotNettySslSetup(X509Certificate2 certificate, bool suppressValidation, bool requireMutualAuthentication, CertificateValidationCallback? customValidator)Parameters
| Type | Name | Description |
|---|---|---|
| X509Certificate2 | certificate | X509 certificate used to establish SSL/TLS |
| bool | suppressValidation | When true, suppresses certificate chain validation (use only for development/testing) |
| bool | requireMutualAuthentication | When true, requires mutual TLS authentication (both client and server present certificates) |
| CertificateValidationCallback | customValidator | Custom certificate validation callback (overrides config-based validation when provided) |
DotNettySslSetup(X509Certificate2, bool, bool, bool)
Full constructor with all SSL/TLS configuration options
Declaration
public DotNettySslSetup(X509Certificate2 certificate, bool suppressValidation, bool requireMutualAuthentication, bool validateCertificateHostname)Parameters
| Type | Name | Description |
|---|---|---|
| X509Certificate2 | certificate | X509 certificate used to establish SSL/TLS |
| bool | suppressValidation | When true, suppresses certificate chain validation (use only for development/testing) |
| bool | requireMutualAuthentication | When true, requires mutual TLS authentication (both client and server present certificates) |
| bool | validateCertificateHostname | When true, enables hostname validation (certificate CN/SAN must match target hostname) |
DotNettySslSetup(X509Certificate2, bool, bool, bool, CertificateValidationCallback?)
Full constructor with all SSL/TLS configuration options including custom validation
Declaration
public DotNettySslSetup(X509Certificate2 certificate, bool suppressValidation, bool requireMutualAuthentication, bool validateCertificateHostname, CertificateValidationCallback? customValidator)Parameters
| Type | Name | Description |
|---|---|---|
| X509Certificate2 | certificate | X509 certificate used to establish SSL/TLS |
| bool | suppressValidation | When true, suppresses certificate chain validation (use only for development/testing) |
| bool | requireMutualAuthentication | When true, requires mutual TLS authentication (both client and server present certificates) |
| bool | validateCertificateHostname | When true, enables hostname validation (certificate CN/SAN must match target hostname) |
| CertificateValidationCallback | customValidator | Custom certificate validation callback (overrides config-based validation when provided) |
Properties
| Edit this page View SourceCertificate
X509 certificate used to establish Secure Socket Layer (SSL) between two remote endpoints.
Declaration
public X509Certificate2 Certificate { get; }Property Value
| Type | Description |
|---|---|
| X509Certificate2 |
CustomValidator
Custom certificate validation callback for advanced validation scenarios. When provided, this callback takes precedence over config-based validation. Use with CertificateValidation helper factory to combine multiple validation strategies. Example: CertificateValidation.Combine(ValidateChain(log), PinnedCertificate(thumbprints))
Declaration
public CertificateValidationCallback? CustomValidator { get; }Property Value
| Type | Description |
|---|---|
| CertificateValidationCallback |
RequireMutualAuthentication
When true, requires mutual TLS authentication where both client and server must present valid certificates with accessible private keys during the TLS handshake. Provides defense-in-depth security by ensuring symmetric authentication.
Declaration
public bool RequireMutualAuthentication { get; }Property Value
| Type | Description |
|---|---|
| bool |
SuppressValidation
Flag used to suppress certificate validation - use true only when on dev machine or for testing.
Declaration
public bool SuppressValidation { get; }Property Value
| Type | Description |
|---|---|
| bool |
ValidateCertificateHostname
When true, enables traditional TLS hostname validation (certificate CN/SAN must match target hostname). When false, only validates certificate chain against CA, ignores hostname mismatches. Default is false for backward compatibility and to support mutual TLS scenarios with per-node certificates, IP-based connections, or dynamic service discovery.
Declaration
public bool ValidateCertificateHostname { get; }Property Value
| Type | Description |
|---|---|
| bool |
Edit this page