org.apache.tomcat.util.net

Class SSLHostConfig

java.lang.Object

org.apache.tomcat.util.net.SSLHostConfig

All Implemented Interfaces:

Serializable

public class SSLHostConfig
extends Object
implements Serializable

Represents the TLS configuration for a virtual host.

See Also:

Serialized Form

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	SSLHostConfig.CertificateVerification
static class	SSLHostConfig.Type

Field Summary

Fields

Modifier and Type	Field and Description
protected static String	DEFAULT_SSL_HOST_NAME
protected static Set<String>	SSL_PROTO_ALL

Constructor Summary

Constructors

Constructor and Description
SSLHostConfig()

Method Summary

Modifier and Type	Method and Description
void	addCertificate(SSLHostConfigCertificate certificate)
static String	adjustRelativePath(String path)
String	getCaCertificateFile()
String	getCaCertificatePath()
String	getCertificateRevocationListFile()
String	getCertificateRevocationListPath()
Set<SSLHostConfigCertificate>	getCertificates()
Set<SSLHostConfigCertificate>	getCertificates(boolean createDefaultIfEmpty)
SSLHostConfig.CertificateVerification	getCertificateVerification()
int	getCertificateVerificationDepth()
LinkedHashSet<Cipher>	getCipherList()
String	getCiphers()
boolean	getDisableCompression()
boolean	getDisableSessionTickets()
String[]	getEnabledCiphers()
String[]	getEnabledProtocols()
boolean	getHonorCipherOrder()
String	getHostName()
boolean	getInsecureRenegotiation()
List<String>	getJsseCipherNames() Obtain the list of JSSE cipher names for the current configuration.
String	getKeyManagerAlgorithm()
Long	getOpenSslContext()
Set<String>	getProtocols()
int	getSessionCacheSize()
int	getSessionTimeout()
String	getSslProtocol()
String	getTrustManagerClassName()
KeyStore	getTruststore()
String	getTruststoreAlgorithm()
String	getTruststoreFile()
String	getTruststorePassword()
String	getTruststoreProvider()
String	getTruststoreType()
void	setCaCertificateFile(String caCertificateFile)
void	setCaCertificatePath(String caCertificatePath)
void	setCertificateChainFile(String certificateChainFile)
void	setCertificateFile(String certificateFile)
void	setCertificateKeyAlias(String certificateKeyAlias)
void	setCertificateKeyFile(String certificateKeyFile)
void	setCertificateKeyPassword(String certificateKeyPassword)
void	setCertificateKeystoreFile(String certificateKeystoreFile)
void	setCertificateKeystorePassword(String certificateKeystorePassword)
void	setCertificateKeystoreProvider(String certificateKeystoreProvider)
void	setCertificateKeystoreType(String certificateKeystoreType)
void	setCertificateRevocationListFile(String certificateRevocationListFile)
void	setCertificateRevocationListPath(String certificateRevocationListPath)
void	setCertificateVerification(String certificateVerification)
void	setCertificateVerificationDepth(int certificateVerificationDepth)
void	setCiphers(String ciphersList) Set the new cipher configuration.
void	setConfigType(SSLHostConfig.Type configType)
void	setDisableCompression(boolean disableCompression)
void	setDisableSessionTickets(boolean disableSessionTickets)
void	setHonorCipherOrder(boolean honorCipherOrder)
void	setHostName(String hostName)
void	setInsecureRenegotiation(boolean insecureRenegotiation)
void	setKeyManagerAlgorithm(String keyManagerAlgorithm)
void	setOpenSslContext(Long openSslContext)
void	setProtocols(String input)
void	setSessionCacheSize(int sessionCacheSize)
void	setSessionTimeout(int sessionTimeout)
void	setSslProtocol(String sslProtocol)
void	setTrustManagerClassName(String trustManagerClassName)
void	setTrustStore(KeyStore truststore)
void	setTruststoreAlgorithm(String truststoreAlgorithm)
void	setTruststoreFile(String truststoreFile)
void	setTruststorePassword(String truststorePassword)
void	setTruststoreProvider(String truststoreProvider)
void	setTruststoreType(String truststoreType)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

DEFAULT_SSL_HOST_NAME

protected static final String DEFAULT_SSL_HOST_NAME

See Also:

Constant Field Values

SSL_PROTO_ALL

protected static final Set<String> SSL_PROTO_ALL

Constructor Detail

SSLHostConfig

public SSLHostConfig()

Method Detail

getOpenSslContext

public Long getOpenSslContext()

setOpenSslContext

public void setOpenSslContext(Long openSslContext)

setConfigType

public void setConfigType(SSLHostConfig.Type configType)

getEnabledProtocols

public String[] getEnabledProtocols()

Returns:

The protocols enabled for this TLS virtual host

See Also:

SSLUtil.getEnabledProtocols()

getEnabledCiphers

public String[] getEnabledCiphers()

Returns:

The ciphers enabled for this TLS virtual host

See Also:

SSLUtil.getEnabledCiphers()

addCertificate

public void addCertificate(SSLHostConfigCertificate certificate)

getCertificates

public Set<SSLHostConfigCertificate> getCertificates()

getCertificates

public Set<SSLHostConfigCertificate> getCertificates(boolean createDefaultIfEmpty)

setCertificateKeyPassword

public void setCertificateKeyPassword(String certificateKeyPassword)

setCertificateRevocationListFile

public void setCertificateRevocationListFile(String certificateRevocationListFile)

getCertificateRevocationListFile

public String getCertificateRevocationListFile()

setCertificateVerification

public void setCertificateVerification(String certificateVerification)

getCertificateVerification

public SSLHostConfig.CertificateVerification getCertificateVerification()

setCertificateVerificationDepth

public void setCertificateVerificationDepth(int certificateVerificationDepth)

getCertificateVerificationDepth

public int getCertificateVerificationDepth()

setCiphers

public void setCiphers(String ciphersList)

Set the new cipher configuration. Note: Regardless of the format used to set the configuration, it is always stored in OpenSSL format.

Parameters:

ciphersList - The new cipher configuration in OpenSSL or JSSE format

getCiphers

public String getCiphers()

Returns:

An OpenSSL cipher string for the current configuration.

getCipherList

public LinkedHashSet<Cipher> getCipherList()

getJsseCipherNames

public List<String> getJsseCipherNames()

Obtain the list of JSSE cipher names for the current configuration. Ciphers included in the configuration but not supported by JSSE will be excluded from this list.

Returns:

A list of the JSSE cipher names

setHonorCipherOrder

public void setHonorCipherOrder(boolean honorCipherOrder)

getHonorCipherOrder

public boolean getHonorCipherOrder()

setHostName

public void setHostName(String hostName)

getHostName

public String getHostName()

setProtocols

public void setProtocols(String input)

getProtocols

public Set<String> getProtocols()

setCertificateKeyAlias

public void setCertificateKeyAlias(String certificateKeyAlias)

setCertificateKeystoreFile

public void setCertificateKeystoreFile(String certificateKeystoreFile)

setCertificateKeystorePassword

public void setCertificateKeystorePassword(String certificateKeystorePassword)

setCertificateKeystoreProvider

public void setCertificateKeystoreProvider(String certificateKeystoreProvider)

setCertificateKeystoreType

public void setCertificateKeystoreType(String certificateKeystoreType)

setKeyManagerAlgorithm

public void setKeyManagerAlgorithm(String keyManagerAlgorithm)

getKeyManagerAlgorithm

public String getKeyManagerAlgorithm()

setSessionCacheSize

public void setSessionCacheSize(int sessionCacheSize)

getSessionCacheSize

public int getSessionCacheSize()

setSessionTimeout

public void setSessionTimeout(int sessionTimeout)

getSessionTimeout

public int getSessionTimeout()

setSslProtocol

public void setSslProtocol(String sslProtocol)

getSslProtocol

public String getSslProtocol()

setTrustManagerClassName

public void setTrustManagerClassName(String trustManagerClassName)

getTrustManagerClassName

public String getTrustManagerClassName()

setTruststoreAlgorithm

public void setTruststoreAlgorithm(String truststoreAlgorithm)

getTruststoreAlgorithm

public String getTruststoreAlgorithm()

setTruststoreFile

public void setTruststoreFile(String truststoreFile)

getTruststoreFile

public String getTruststoreFile()

setTruststorePassword

public void setTruststorePassword(String truststorePassword)

getTruststorePassword

public String getTruststorePassword()

setTruststoreProvider

public void setTruststoreProvider(String truststoreProvider)

getTruststoreProvider

public String getTruststoreProvider()

setTruststoreType

public void setTruststoreType(String truststoreType)

getTruststoreType

public String getTruststoreType()

setTrustStore

public void setTrustStore(KeyStore truststore)

getTruststore

public KeyStore getTruststore()
                       throws IOException

Throws:

IOException

setCertificateChainFile

public void setCertificateChainFile(String certificateChainFile)

setCertificateFile

public void setCertificateFile(String certificateFile)

setCertificateKeyFile

public void setCertificateKeyFile(String certificateKeyFile)

setCertificateRevocationListPath

public void setCertificateRevocationListPath(String certificateRevocationListPath)

getCertificateRevocationListPath

public String getCertificateRevocationListPath()

setCaCertificateFile

public void setCaCertificateFile(String caCertificateFile)

getCaCertificateFile

public String getCaCertificateFile()

setCaCertificatePath

public void setCaCertificatePath(String caCertificatePath)

getCaCertificatePath

public String getCaCertificatePath()

setDisableCompression

public void setDisableCompression(boolean disableCompression)

getDisableCompression

public boolean getDisableCompression()

setDisableSessionTickets

public void setDisableSessionTickets(boolean disableSessionTickets)

getDisableSessionTickets

public boolean getDisableSessionTickets()

setInsecureRenegotiation

public void setInsecureRenegotiation(boolean insecureRenegotiation)

getInsecureRenegotiation

public boolean getInsecureRenegotiation()

adjustRelativePath

public static String adjustRelativePath(String path)