Interface SSLUtil

All Known Implementing Classes:

JSSEUtil, OpenSSLUtil, SSLUtilBase

public interface SSLUtil

Provides a common interface for SSLImplementations to create the necessary JSSE implementation objects for TLS connections created via the JSSE API.

Nested Class Summary

Nested Classes

Modifier and Type	Interface	Description
static interface	SSLUtil.ProtocolInfo	Optional interface that can be implemented by SSLEngines to indicate that they support ALPN and can provide the protocol agreed with the client.

Method Summary

Modifier and Type	Method	Description
void	configureSessionContext(SSLSessionContext sslSessionContext)
SSLContext	createSSLContext(List<String> negotiableProtocols)
static SSLContext	createSSLContext(SSLContext sslContext, X509KeyManager keyManager, X509TrustManager trustManager)	Creates an instance of Tomcat's SSLContext from the provided inputs.
String[]	getEnabledCiphers()	The set of enabled ciphers is the intersection of the implemented ciphers and the configured ciphers.
String[]	getEnabledProtocols()	The set of enabled protocols is the intersection of the implemented protocols and the configured protocols.
KeyManager[]	getKeyManagers()
TrustManager[]	getTrustManagers()

Method Details

createSSLContext

static SSLContext createSSLContext(SSLContext sslContext,
 X509KeyManager keyManager,
 X509TrustManager trustManager)

Creates an instance of Tomcat's SSLContext from the provided inputs. Typically used when the user wants to provide a pre-configured javax.net.ssl.SSLContext instance. There is no need to call SSLContext.init(KeyManager[], TrustManager[], java.security.SecureRandom) on the returned value.

Parameters:

sslContext - The JSSE SSL context

keyManager - The JSSE key manager

trustManager - The JSSE trust manager

Returns:

An instance of Tomcat's SSLContext formed from the provided inputs.

createSSLContext

SSLContext createSSLContext(List<String> negotiableProtocols)
                     throws Exception

Throws:

Exception

getKeyManagers

KeyManager[] getKeyManagers()
                     throws Exception

Throws:

Exception

getTrustManagers

TrustManager[] getTrustManagers()
                         throws Exception

Throws:

Exception

configureSessionContext

void configureSessionContext(SSLSessionContext sslSessionContext)

getEnabledProtocols

String[] getEnabledProtocols()
                      throws IllegalArgumentException

The set of enabled protocols is the intersection of the implemented protocols and the configured protocols. If no protocols are explicitly configured, then all of the implemented protocols will be included in the returned array.

Returns:

The protocols currently enabled and available for clients to select from for the associated connection

Throws:

IllegalArgumentException - If there is no intersection between the implemented and configured protocols

getEnabledCiphers

String[] getEnabledCiphers()
                    throws IllegalArgumentException

The set of enabled ciphers is the intersection of the implemented ciphers and the configured ciphers. If no ciphers are explicitly configured, then the default ciphers will be included in the returned array.

The ciphers used during the TLS handshake may be further restricted by the getEnabledProtocols() and the certificates.

Returns:

The ciphers currently enabled and available for clients to select from for the associated connection

Throws:

IllegalArgumentException - If there is no intersection between the implemented and configured ciphers