Package org.apache.tomcat.util.net
Class SSLHostConfig
java.lang.Object
org.apache.tomcat.util.net.SSLHostConfig
- All Implemented Interfaces:
- Serializable
Represents the TLS configuration for a virtual host.
- See Also:
- 
Nested Class SummaryNested ClassesModifier and TypeClassDescriptionstatic enumstatic enum
- 
Field SummaryFields
- 
Constructor SummaryConstructors
- 
Method SummaryModifier and TypeMethodDescriptionvoidaddCertificate(SSLHostConfigCertificate certificate) static StringadjustRelativePath(String path) getCertificates(boolean createDefaultIfEmpty) intbooleanbooleanString[]String[]booleanbooleanObtain the list of JSSE cipher names for the current configuration.booleanintintbooleanbooleanvoidsetCaCertificateFile(String caCertificateFile) voidsetCaCertificatePath(String caCertificatePath) voidsetCertificateRevocationListFile(String certificateRevocationListFile) voidsetCertificateRevocationListPath(String certificateRevocationListPath) voidsetCertificateVerification(String certificateVerification) voidsetCertificateVerificationAsString(String certificateVerification) voidsetCertificateVerificationDepth(int certificateVerificationDepth) voidsetCiphers(String ciphersList) Set the new cipher configuration.voidsetDisableCompression(boolean disableCompression) voidsetDisableSessionTickets(boolean disableSessionTickets) voidsetEnabledCiphers(String[] enabledCiphers) voidsetEnabledProtocols(String[] enabledProtocols) voidsetHonorCipherOrder(boolean honorCipherOrder) voidsetHostName(String hostName) voidsetInsecureRenegotiation(boolean insecureRenegotiation) voidsetKeyManagerAlgorithm(String keyManagerAlgorithm) voidsetObjectName(ObjectName oname) voidsetOpenSslConf(OpenSSLConf conf) voidsetOpenSslConfContext(Long openSslConfContext) voidsetOpenSslContext(Long openSslContext) voidsetProtocols(String input) voidsetRevocationEnabled(boolean revocationEnabled) voidsetSessionCacheSize(int sessionCacheSize) voidsetSessionTimeout(int sessionTimeout) voidsetSslProtocol(String sslProtocol) voidsetTls13RenegotiationAvailable(boolean tls13RenegotiationAvailable) voidsetTrustManagerClassName(String trustManagerClassName) voidsetTrustStore(KeyStore truststore) voidsetTruststoreAlgorithm(String truststoreAlgorithm) voidsetTruststoreFile(String truststoreFile) voidsetTruststorePassword(String truststorePassword) voidsetTruststoreProvider(String truststoreProvider) voidsetTruststoreType(String truststoreType) 
- 
Field Details- 
DEFAULT_SSL_HOST_NAME- See Also:
 
- 
SSL_PROTO_ALL_SET
- 
DEFAULT_TLS_CIPHERS- See Also:
 
 
- 
- 
Constructor Details- 
SSLHostConfigpublic SSLHostConfig()
 
- 
- 
Method Details- 
isTls13RenegotiationAvailablepublic boolean isTls13RenegotiationAvailable()
- 
setTls13RenegotiationAvailablepublic void setTls13RenegotiationAvailable(boolean tls13RenegotiationAvailable) 
- 
getOpenSslConfContext
- 
setOpenSslConfContext
- 
getOpenSslContext
- 
setOpenSslContext
- 
getConfigType
- 
getEnabledProtocols- Returns:
- The protocols enabled for this TLS virtual host
- See Also:
 
- 
setEnabledProtocols
- 
getEnabledCiphers- Returns:
- The ciphers enabled for this TLS virtual host
- See Also:
 
- 
setEnabledCiphers
- 
getObjectName
- 
setObjectName
- 
addCertificate
- 
getOpenSslConf
- 
setOpenSslConf
- 
getCertificates
- 
getCertificates
- 
setCertificateRevocationListFile
- 
getCertificateRevocationListFile
- 
setCertificateVerification
- 
getCertificateVerification
- 
setCertificateVerificationAsString
- 
getCertificateVerificationAsString
- 
setCertificateVerificationDepthpublic void setCertificateVerificationDepth(int certificateVerificationDepth) 
- 
getCertificateVerificationDepthpublic int getCertificateVerificationDepth()
- 
isCertificateVerificationDepthConfiguredpublic boolean isCertificateVerificationDepthConfigured()
- 
setCiphersSet the new cipher configuration. Note: Regardless of the format used to set the configuration, it is always stored in OpenSSL format.- Parameters:
- ciphersList- The new cipher configuration in OpenSSL or JSSE format
 
- 
getCiphers- Returns:
- An OpenSSL cipher string for the current configuration.
 
- 
getCipherList
- 
getJsseCipherNamesObtain the list of JSSE cipher names for the current configuration. Ciphers included in the configuration but not supported by JSSE will be excluded from this list.- Returns:
- A list of the JSSE cipher names
 
- 
setHonorCipherOrderpublic void setHonorCipherOrder(boolean honorCipherOrder) 
- 
getHonorCipherOrderpublic boolean getHonorCipherOrder()
- 
setHostName
- 
getHostName- Returns:
- The host name associated with this SSL configuration - always in lower case.
 
- 
setProtocols
- 
getProtocols
- 
setSessionCacheSizepublic void setSessionCacheSize(int sessionCacheSize) 
- 
getSessionCacheSizepublic int getSessionCacheSize()
- 
setSessionTimeoutpublic void setSessionTimeout(int sessionTimeout) 
- 
getSessionTimeoutpublic int getSessionTimeout()
- 
setKeyManagerAlgorithm
- 
getKeyManagerAlgorithm
- 
setRevocationEnabledpublic void setRevocationEnabled(boolean revocationEnabled) 
- 
getRevocationEnabledpublic boolean getRevocationEnabled()
- 
setSslProtocol
- 
getSslProtocol
- 
setTrustManagerClassName
- 
getTrustManagerClassName
- 
setTruststoreAlgorithm
- 
getTruststoreAlgorithm
- 
setTruststoreFile
- 
getTruststoreFile
- 
setTruststorePassword
- 
getTruststorePassword
- 
setTruststoreProvider
- 
getTruststoreProvider
- 
setTruststoreType
- 
getTruststoreType
- 
setTrustStore
- 
getTruststore- Throws:
- IOException
 
- 
setCertificateRevocationListPath
- 
getCertificateRevocationListPath
- 
setCaCertificateFile
- 
getCaCertificateFile
- 
setCaCertificatePath
- 
getCaCertificatePath
- 
setDisableCompressionpublic void setDisableCompression(boolean disableCompression) 
- 
getDisableCompressionpublic boolean getDisableCompression()
- 
setDisableSessionTicketspublic void setDisableSessionTickets(boolean disableSessionTickets) 
- 
getDisableSessionTicketspublic boolean getDisableSessionTickets()
- 
setInsecureRenegotiationpublic void setInsecureRenegotiation(boolean insecureRenegotiation) 
- 
getInsecureRenegotiationpublic boolean getInsecureRenegotiation()
- 
certificatesExpiringBefore
- 
adjustRelativePath- Throws:
- FileNotFoundException
 
 
-