Package org.apache.tomcat.util.net
Class SSLHostConfig
- java.lang.Object
-
- org.apache.tomcat.util.net.SSLHostConfig
-
- All Implemented Interfaces:
Serializable
public class SSLHostConfig extends Object implements Serializable
Represents the TLS configuration for a virtual host.- See Also:
- Serialized Form
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static class
SSLHostConfig.CertificateVerification
static class
SSLHostConfig.Type
-
Field Summary
Fields Modifier and Type Field Description protected static String
DEFAULT_SSL_HOST_NAME
static String
DEFAULT_TLS_CIPHERS
protected static Set<String>
SSL_PROTO_ALL_SET
-
Constructor Summary
Constructors Constructor Description SSLHostConfig()
-
Method Summary
-
-
-
Field Detail
-
DEFAULT_SSL_HOST_NAME
protected static final String DEFAULT_SSL_HOST_NAME
- See Also:
- Constant Field Values
-
DEFAULT_TLS_CIPHERS
public static final String DEFAULT_TLS_CIPHERS
- See Also:
- Constant Field Values
-
-
Method Detail
-
isTls13RenegotiationAvailable
public boolean isTls13RenegotiationAvailable()
-
setTls13RenegotiationAvailable
public void setTls13RenegotiationAvailable(boolean tls13RenegotiationAvailable)
-
getOpenSslConfContext
public Long getOpenSslConfContext()
-
setOpenSslConfContext
public void setOpenSslConfContext(Long openSslConfContext)
-
getOpenSslContext
public Long getOpenSslContext()
-
setOpenSslContext
public void setOpenSslContext(Long openSslContext)
-
getConfigType
public String getConfigType()
-
getEnabledProtocols
public String[] getEnabledProtocols()
- Returns:
- The protocols enabled for this TLS virtual host
- See Also:
SSLUtil.getEnabledProtocols()
-
setEnabledProtocols
public void setEnabledProtocols(String[] enabledProtocols)
-
getEnabledCiphers
public String[] getEnabledCiphers()
- Returns:
- The ciphers enabled for this TLS virtual host
- See Also:
SSLUtil.getEnabledCiphers()
-
setEnabledCiphers
public void setEnabledCiphers(String[] enabledCiphers)
-
getObjectName
public ObjectName getObjectName()
-
setObjectName
public void setObjectName(ObjectName oname)
-
addCertificate
public void addCertificate(SSLHostConfigCertificate certificate)
-
getOpenSslConf
public OpenSSLConf getOpenSslConf()
-
setOpenSslConf
public void setOpenSslConf(OpenSSLConf conf)
-
getCertificates
public Set<SSLHostConfigCertificate> getCertificates()
-
getCertificates
public Set<SSLHostConfigCertificate> getCertificates(boolean createDefaultIfEmpty)
-
setCertificateRevocationListFile
public void setCertificateRevocationListFile(String certificateRevocationListFile)
-
getCertificateRevocationListFile
public String getCertificateRevocationListFile()
-
setCertificateVerification
public void setCertificateVerification(String certificateVerification)
-
getCertificateVerification
public SSLHostConfig.CertificateVerification getCertificateVerification()
-
setCertificateVerificationAsString
public void setCertificateVerificationAsString(String certificateVerification)
-
getCertificateVerificationAsString
public String getCertificateVerificationAsString()
-
setCertificateVerificationDepth
public void setCertificateVerificationDepth(int certificateVerificationDepth)
-
getCertificateVerificationDepth
public int getCertificateVerificationDepth()
-
isCertificateVerificationDepthConfigured
public boolean isCertificateVerificationDepthConfigured()
-
setCiphers
public void setCiphers(String ciphersList)
Set the new cipher configuration. Note: Regardless of the format used to set the configuration, it is always stored in OpenSSL format.- Parameters:
ciphersList
- The new cipher configuration in OpenSSL or JSSE format
-
getCiphers
public String getCiphers()
- Returns:
- An OpenSSL cipher string for the current configuration.
-
getCipherList
public LinkedHashSet<Cipher> getCipherList()
-
getJsseCipherNames
public List<String> getJsseCipherNames()
Obtain the list of JSSE cipher names for the current configuration. Ciphers included in the configuration but not supported by JSSE will be excluded from this list.- Returns:
- A list of the JSSE cipher names
-
setHonorCipherOrder
public void setHonorCipherOrder(boolean honorCipherOrder)
-
getHonorCipherOrder
public boolean getHonorCipherOrder()
-
setHostName
public void setHostName(String hostName)
-
getHostName
public String getHostName()
- Returns:
- The host name associated with this SSL configuration - always in lower case.
-
setProtocols
public void setProtocols(String input)
-
setSessionCacheSize
public void setSessionCacheSize(int sessionCacheSize)
-
getSessionCacheSize
public int getSessionCacheSize()
-
setSessionTimeout
public void setSessionTimeout(int sessionTimeout)
-
getSessionTimeout
public int getSessionTimeout()
-
setKeyManagerAlgorithm
public void setKeyManagerAlgorithm(String keyManagerAlgorithm)
-
getKeyManagerAlgorithm
public String getKeyManagerAlgorithm()
-
setRevocationEnabled
public void setRevocationEnabled(boolean revocationEnabled)
-
getRevocationEnabled
public boolean getRevocationEnabled()
-
setSslProtocol
public void setSslProtocol(String sslProtocol)
-
getSslProtocol
public String getSslProtocol()
-
setTrustManagerClassName
public void setTrustManagerClassName(String trustManagerClassName)
-
getTrustManagerClassName
public String getTrustManagerClassName()
-
setTruststoreAlgorithm
public void setTruststoreAlgorithm(String truststoreAlgorithm)
-
getTruststoreAlgorithm
public String getTruststoreAlgorithm()
-
setTruststoreFile
public void setTruststoreFile(String truststoreFile)
-
getTruststoreFile
public String getTruststoreFile()
-
setTruststorePassword
public void setTruststorePassword(String truststorePassword)
-
getTruststorePassword
public String getTruststorePassword()
-
setTruststoreProvider
public void setTruststoreProvider(String truststoreProvider)
-
getTruststoreProvider
public String getTruststoreProvider()
-
setTruststoreType
public void setTruststoreType(String truststoreType)
-
getTruststoreType
public String getTruststoreType()
-
setTrustStore
public void setTrustStore(KeyStore truststore)
-
getTruststore
public KeyStore getTruststore() throws IOException
- Throws:
IOException
-
setCertificateRevocationListPath
public void setCertificateRevocationListPath(String certificateRevocationListPath)
-
getCertificateRevocationListPath
public String getCertificateRevocationListPath()
-
setCaCertificateFile
public void setCaCertificateFile(String caCertificateFile)
-
getCaCertificateFile
public String getCaCertificateFile()
-
setCaCertificatePath
public void setCaCertificatePath(String caCertificatePath)
-
getCaCertificatePath
public String getCaCertificatePath()
-
setDisableCompression
public void setDisableCompression(boolean disableCompression)
-
getDisableCompression
public boolean getDisableCompression()
-
setDisableSessionTickets
public void setDisableSessionTickets(boolean disableSessionTickets)
-
getDisableSessionTickets
public boolean getDisableSessionTickets()
-
setInsecureRenegotiation
public void setInsecureRenegotiation(boolean insecureRenegotiation)
-
getInsecureRenegotiation
public boolean getInsecureRenegotiation()
-
adjustRelativePath
public static String adjustRelativePath(String path) throws FileNotFoundException
- Throws:
FileNotFoundException
-
-