Package org.apache.tomcat.util.net
Interface SSLSupport
- All Known Implementing Classes:
- JSSESupport
public interface SSLSupport
Defines an interface to interact with SSL sessions.
- 
Field SummaryFieldsModifier and TypeFieldDescriptionstatic final StringThe Request attribute key for the client certificate chain.static final StringThe Request attribute key for the cipher suite.static final StringThe Request attribute key for the key size.static final StringThe request attribute key under which the String indicating the protocol that created the SSL socket is recorded - e.g.static final StringThe request attribute key under which the String indicating the ciphers requested by the client are recorded.static final StringThe request attribute key under which the String indicating the protocols requested by the client are recorded.static final StringThe Request attribute key for the session id.static final StringThe request attribute key for the session manager.
- 
Method SummaryModifier and TypeMethodDescriptionThe cipher suite being used on this connection.Get the keysize.default X509Certificate[]The server certificate chain (if any) that were sent to the peer.The client certificate chain (if any).The current session Id.
- 
Field Details- 
CIPHER_SUITE_KEYThe Request attribute key for the cipher suite.- See Also:
 
- 
KEY_SIZE_KEYThe Request attribute key for the key size.- See Also:
 
- 
CERTIFICATE_KEYThe Request attribute key for the client certificate chain.- See Also:
 
- 
SESSION_ID_KEYThe Request attribute key for the session id. This one is a Tomcat extension to the Servlet spec.- See Also:
 
- 
SESSION_MGRThe request attribute key for the session manager. This one is a Tomcat extension to the Servlet spec.- See Also:
 
- 
PROTOCOL_VERSION_KEYThe request attribute key under which the String indicating the protocol that created the SSL socket is recorded - e.g. TLSv1 or TLSv1.2 etc.- See Also:
 
- 
REQUESTED_CIPHERS_KEYThe request attribute key under which the String indicating the ciphers requested by the client are recorded.- See Also:
 
- 
REQUESTED_PROTOCOL_VERSIONS_KEYThe request attribute key under which the String indicating the protocols requested by the client are recorded.- See Also:
 
 
- 
- 
Method Details- 
getCipherSuiteThe cipher suite being used on this connection.- Returns:
- The name of the cipher suite as returned by the SSL/TLS implementation
- Throws:
- IOException- If an error occurs trying to obtain the cipher suite
 
- 
getPeerCertificateChainThe client certificate chain (if any).- Returns:
- The certificate chain presented by the client with the peer's certificate first, followed by those of any certificate authorities
- Throws:
- IOException- If an error occurs trying to obtain the certificate chain
 
- 
getLocalCertificateChainThe server certificate chain (if any) that were sent to the peer.- Returns:
- The certificate chain sent with the server certificate first, followed by those of any certificate authorities
 
- 
getKeySizeGet the keysize. What we're supposed to put here is ill-defined by the Servlet spec (S 4.7 again). There are at least 4 potential values that might go here: (a) The size of the encryption key (b) The size of the MAC key (c) The size of the key-exchange key (d) The size of the signature key used by the server Unfortunately, all of these values are nonsensical.- Returns:
- The effective key size for the current cipher suite
- Throws:
- IOException- If an error occurs trying to obtain the key size
 
- 
getSessionIdThe current session Id.- Returns:
- The current SSL/TLS session ID
- Throws:
- IOException- If an error occurs trying to obtain the session ID
 
- 
getProtocol- Returns:
- the protocol String indicating how the SSL socket was created e.g. TLSv1 or TLSv1.2 etc.
- Throws:
- IOException- If an error occurs trying to obtain the protocol information from the socket
 
- 
getRequestedProtocols- Returns:
- the list of SSL/TLS protocol versions requested by the client
- Throws:
- IOException- If an error occurs trying to obtain the client requested protocol information from the socket
 
- 
getRequestedCiphers- Returns:
- the list of SSL/TLS ciphers requested by the client
- Throws:
- IOException- If an error occurs trying to obtain the client request cipher information from the socket
 
 
-