Support CDI providers of key/trust stores in TLS registry

[emattheis]

Per discussion #41024, this PR provides a mechanism for application code to supply keystores or truststores to the TLS registry.

[quarkus-bot]

Thanks for your pull request!

Your pull request does not follow our editorial rules. Could you have a look?

• description should not be empty, describe your intent or provide links to the issues this PR is fixing (using Fixes #NNNNN) or changelogs

_{This message is automatically generated by a bot.}

[cescoffier]

Very nice!

I made a few comment and I added a question for @mkouba

[cescoffier]

I forgot to mention that this deserves a small section in the TLS registry documentation.

[github-actions]

🙈 The PR is closed and the preview is expired.

[cescoffier]

LGTM!

I made 2 small suggestions as it's not really dynamic (it's loaded only once, at startup time)

[emattheis]

it's loaded only once, at startup time

Also on reloads, but certainly not dynamic from the SSLContext point of view.

I'll mention the reload behavior in the documentation updates.

[cescoffier]

@emattheis Can you squash your commits?

[emattheis]

Can you squash your commits?

Yes. I want to address @michalvavrik's point about destroying dependent beans, and then I'll squash everything. I'm still a bit confused about InstanceHandle vs InjectableInstance. I probably just need to RTFM 😉

[emattheis]

@cescoffier I updated the docs and squashed the commits.

[quarkus-bot]

Status for workflow Quarkus Documentation CI

This is the status report for running Quarkus Documentation CI on commit 27997d3.

✅ The latest workflow run for the pull request has completed successfully.

It should be safe to merge provided you have a look at the other checks in the summary.

Warning

There are other workflow runs running, you probably need to wait for their status before merging.

[quarkus-bot]

Status for workflow Quarkus CI

This is the status report for running Quarkus CI on commit 27997d3.

✅ The latest workflow run for the pull request has completed successfully.

It should be safe to merge provided you have a look at the other checks in the summary.

You can consult the Develocity build scans.

---

Flaky tests - Develocity

⚙️ JVM Tests - JDK 21

📦 integration-tests/virtual-threads/mailer-virtual-threads

✖ io.quarkus.virtual.mail.RunOnVirtualThreadTest.test - History

• Read timed out - java.net.SocketTimeoutException

java.net.SocketTimeoutException: Read timed out
	at java.base/sun.nio.ch.NioSocketImpl.timedRead(NioSocketImpl.java:278)
	at java.base/sun.nio.ch.NioSocketImpl.implRead(NioSocketImpl.java:304)
	at java.base/sun.nio.ch.NioSocketImpl.read(NioSocketImpl.java:346)
	at java.base/sun.nio.ch.NioSocketImpl$1.read(NioSocketImpl.java:796)
	at java.base/java.net.Socket$SocketInputStream.read(Socket.java:1099)
	at org.apache.http.impl.io.AbstractSessionInputBuffer.fillBuffer(AbstractSessionInputBuffer.java:161)
	at org.apache.http.impl.io.SocketInputBuffer.fillBuffer(SocketInputBuffer.java:82)

[cescoffier]

Thanks! Sorry for the delay for the merge; the last few days have been a bit chaotic.