Package org.apache.tomcat.util.net
Class SSLHostConfig
java.lang.Object
org.apache.tomcat.util.net.SSLHostConfig
- All Implemented Interfaces:
Serializable
Represents the TLS configuration for a virtual host.
- See Also:
-
Nested Class Summary
Modifier and TypeClassDescriptionstatic enum
static enum
-
Field Summary
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionvoid
addCertificate
(SSLHostConfigCertificate certificate) static String
adjustRelativePath
(String path) getCertificates
(boolean createDefaultIfEmpty) int
boolean
boolean
String[]
String[]
boolean
Obtain the list of JSSE cipher names for the current configuration.boolean
int
int
boolean
boolean
void
setCaCertificateFile
(String caCertificateFile) void
setCaCertificatePath
(String caCertificatePath) void
setCertificateChainFile
(String certificateChainFile) void
setCertificateFile
(String certificateFile) void
setCertificateKeyAlias
(String certificateKeyAlias) void
setCertificateKeyFile
(String certificateKeyFile) void
setCertificateKeyPassword
(String certificateKeyPassword) void
setCertificateKeyPasswordFile
(String certificateKeyPasswordFile) void
setCertificateKeystoreFile
(String certificateKeystoreFile) void
setCertificateKeystorePassword
(String certificateKeystorePassword) void
setCertificateKeystorePasswordFile
(String certificateKeystorePasswordFile) void
setCertificateKeystoreProvider
(String certificateKeystoreProvider) void
setCertificateKeystoreType
(String certificateKeystoreType) void
setCertificateRevocationListFile
(String certificateRevocationListFile) void
setCertificateRevocationListPath
(String certificateRevocationListPath) void
setCertificateVerification
(String certificateVerification) void
setCertificateVerificationAsString
(String certificateVerification) void
setCertificateVerificationDepth
(int certificateVerificationDepth) void
setCiphers
(String ciphersList) Set the new cipher configuration.void
setDisableCompression
(boolean disableCompression) void
setDisableSessionTickets
(boolean disableSessionTickets) void
setEnabledCiphers
(String[] enabledCiphers) void
setEnabledProtocols
(String[] enabledProtocols) void
setHonorCipherOrder
(String honorCipherOrder) void
setHostName
(String hostName) void
setInsecureRenegotiation
(boolean insecureRenegotiation) void
setKeyManagerAlgorithm
(String keyManagerAlgorithm) void
setObjectName
(ObjectName oname) void
setOpenSslConf
(OpenSSLConf conf) void
setOpenSslConfContext
(Long openSslConfContext) void
setOpenSslContext
(Long openSslContext) void
setProtocols
(String input) void
setRevocationEnabled
(boolean revocationEnabled) void
setSessionCacheSize
(int sessionCacheSize) void
setSessionTimeout
(int sessionTimeout) void
setSslProtocol
(String sslProtocol) void
setTls13RenegotiationAvailable
(boolean tls13RenegotiationAvailable) void
setTrustManagerClassName
(String trustManagerClassName) void
setTrustStore
(KeyStore truststore) void
setTruststoreAlgorithm
(String truststoreAlgorithm) void
setTruststoreFile
(String truststoreFile) void
setTruststorePassword
(String truststorePassword) void
setTruststoreProvider
(String truststoreProvider) void
setTruststoreType
(String truststoreType)
-
Field Details
-
DEFAULT_SSL_HOST_NAME
- See Also:
-
SSL_PROTO_ALL_SET
-
DEFAULT_TLS_CIPHERS
- See Also:
-
-
Constructor Details
-
SSLHostConfig
public SSLHostConfig()
-
-
Method Details
-
isTls13RenegotiationAvailable
public boolean isTls13RenegotiationAvailable() -
setTls13RenegotiationAvailable
public void setTls13RenegotiationAvailable(boolean tls13RenegotiationAvailable) -
getOpenSslConfContext
-
setOpenSslConfContext
-
getOpenSslContext
-
setOpenSslContext
-
getConfigType
-
getEnabledProtocols
- Returns:
- The protocols enabled for this TLS virtual host
- See Also:
-
setEnabledProtocols
-
getEnabledCiphers
- Returns:
- The ciphers enabled for this TLS virtual host
- See Also:
-
setEnabledCiphers
-
getObjectName
-
setObjectName
-
addCertificate
-
getOpenSslConf
-
setOpenSslConf
-
getCertificates
-
getCertificates
-
getCertificateKeyPassword
-
setCertificateKeyPassword
-
getCertificateKeyPasswordFile
-
setCertificateKeyPasswordFile
-
setCertificateRevocationListFile
-
getCertificateRevocationListFile
-
setCertificateVerification
-
getCertificateVerification
-
setCertificateVerificationAsString
-
getCertificateVerificationAsString
-
setCertificateVerificationDepth
public void setCertificateVerificationDepth(int certificateVerificationDepth) -
getCertificateVerificationDepth
public int getCertificateVerificationDepth() -
isCertificateVerificationDepthConfigured
public boolean isCertificateVerificationDepthConfigured() -
setCiphers
Set the new cipher configuration. Note: Regardless of the format used to set the configuration, it is always stored in OpenSSL format.- Parameters:
ciphersList
- The new cipher configuration in OpenSSL or JSSE format
-
getCiphers
- Returns:
- An OpenSSL cipher string for the current configuration.
-
getCipherList
-
getJsseCipherNames
Obtain the list of JSSE cipher names for the current configuration. Ciphers included in the configuration but not supported by JSSE will be excluded from this list.- Returns:
- A list of the JSSE cipher names
-
setHonorCipherOrder
-
getHonorCipherOrder
-
setHostName
-
getHostName
- Returns:
- The host name associated with this SSL configuration - always in lower case.
-
setProtocols
-
getProtocols
-
setSessionCacheSize
public void setSessionCacheSize(int sessionCacheSize) -
getSessionCacheSize
public int getSessionCacheSize() -
setSessionTimeout
public void setSessionTimeout(int sessionTimeout) -
getSessionTimeout
public int getSessionTimeout() -
getCertificateKeyAlias
-
setCertificateKeyAlias
-
getCertificateKeystoreFile
-
setCertificateKeystoreFile
-
getCertificateKeystorePassword
-
setCertificateKeystorePassword
-
getCertificateKeystorePasswordFile
-
setCertificateKeystorePasswordFile
-
getCertificateKeystoreProvider
-
setCertificateKeystoreProvider
-
getCertificateKeystoreType
-
setCertificateKeystoreType
-
setKeyManagerAlgorithm
-
getKeyManagerAlgorithm
-
setRevocationEnabled
public void setRevocationEnabled(boolean revocationEnabled) -
getRevocationEnabled
public boolean getRevocationEnabled() -
setSslProtocol
-
getSslProtocol
-
setTrustManagerClassName
-
getTrustManagerClassName
-
setTruststoreAlgorithm
-
getTruststoreAlgorithm
-
setTruststoreFile
-
getTruststoreFile
-
setTruststorePassword
-
getTruststorePassword
-
setTruststoreProvider
-
getTruststoreProvider
-
setTruststoreType
-
getTruststoreType
-
setTrustStore
-
getTruststore
- Throws:
IOException
-
getCertificateChainFile
-
setCertificateChainFile
-
getCertificateFile
-
setCertificateFile
-
getCertificateKeyFile
-
setCertificateKeyFile
-
setCertificateRevocationListPath
-
getCertificateRevocationListPath
-
setCaCertificateFile
-
getCaCertificateFile
-
setCaCertificatePath
-
getCaCertificatePath
-
setDisableCompression
public void setDisableCompression(boolean disableCompression) -
getDisableCompression
public boolean getDisableCompression() -
setDisableSessionTickets
public void setDisableSessionTickets(boolean disableSessionTickets) -
getDisableSessionTickets
public boolean getDisableSessionTickets() -
setInsecureRenegotiation
public void setInsecureRenegotiation(boolean insecureRenegotiation) -
getInsecureRenegotiation
public boolean getInsecureRenegotiation() -
certificatesExpiringBefore
-
adjustRelativePath
- Throws:
FileNotFoundException
-