Class SSLHostConfig

java.lang.Object
org.apache.tomcat.util.net.SSLHostConfig
All Implemented Interfaces:
Serializable

public class SSLHostConfig extends Object implements Serializable
Represents the TLS configuration for a virtual host.
See Also:
  • Field Details

  • Constructor Details

    • SSLHostConfig

      public SSLHostConfig()
  • Method Details

    • isTls13RenegotiationAvailable

      public boolean isTls13RenegotiationAvailable()
    • setTls13RenegotiationAvailable

      public void setTls13RenegotiationAvailable(boolean tls13RenegotiationAvailable)
    • getOpenSslConfContext

      public Long getOpenSslConfContext()
    • setOpenSslConfContext

      public void setOpenSslConfContext(Long openSslConfContext)
    • getOpenSslContext

      public Long getOpenSslContext()
    • setOpenSslContext

      public void setOpenSslContext(Long openSslContext)
    • getConfigType

      public String getConfigType()
    • getEnabledProtocols

      public String[] getEnabledProtocols()
      Returns:
      The protocols enabled for this TLS virtual host
      See Also:
    • setEnabledProtocols

      public void setEnabledProtocols(String[] enabledProtocols)
    • getEnabledCiphers

      public String[] getEnabledCiphers()
      Returns:
      The ciphers enabled for this TLS virtual host
      See Also:
    • setEnabledCiphers

      public void setEnabledCiphers(String[] enabledCiphers)
    • getObjectName

      public ObjectName getObjectName()
    • setObjectName

      public void setObjectName(ObjectName oname)
    • addCertificate

      public void addCertificate(SSLHostConfigCertificate certificate)
    • getOpenSslConf

      public OpenSSLConf getOpenSslConf()
    • setOpenSslConf

      public void setOpenSslConf(OpenSSLConf conf)
    • getCertificates

      public Set<SSLHostConfigCertificate> getCertificates()
    • getCertificates

      public Set<SSLHostConfigCertificate> getCertificates(boolean createDefaultIfEmpty)
    • getCertificateKeyPassword

      public String getCertificateKeyPassword()
    • setCertificateKeyPassword

      public void setCertificateKeyPassword(String certificateKeyPassword)
    • getCertificateKeyPasswordFile

      public String getCertificateKeyPasswordFile()
    • setCertificateKeyPasswordFile

      public void setCertificateKeyPasswordFile(String certificateKeyPasswordFile)
    • setCertificateRevocationListFile

      public void setCertificateRevocationListFile(String certificateRevocationListFile)
    • getCertificateRevocationListFile

      public String getCertificateRevocationListFile()
    • setCertificateVerification

      public void setCertificateVerification(String certificateVerification)
    • getCertificateVerification

      public SSLHostConfig.CertificateVerification getCertificateVerification()
    • setCertificateVerificationAsString

      public void setCertificateVerificationAsString(String certificateVerification)
    • getCertificateVerificationAsString

      public String getCertificateVerificationAsString()
    • setCertificateVerificationDepth

      public void setCertificateVerificationDepth(int certificateVerificationDepth)
    • getCertificateVerificationDepth

      public int getCertificateVerificationDepth()
    • isCertificateVerificationDepthConfigured

      public boolean isCertificateVerificationDepthConfigured()
    • setCiphers

      public void setCiphers(String ciphersList)
      Set the new cipher configuration. Note: Regardless of the format used to set the configuration, it is always stored in OpenSSL format.
      Parameters:
      ciphersList - The new cipher configuration in OpenSSL or JSSE format
    • getCiphers

      public String getCiphers()
      Returns:
      An OpenSSL cipher string for the current configuration.
    • getCipherList

      public LinkedHashSet<Cipher> getCipherList()
    • getJsseCipherNames

      public List<String> getJsseCipherNames()
      Obtain the list of JSSE cipher names for the current configuration. Ciphers included in the configuration but not supported by JSSE will be excluded from this list.
      Returns:
      A list of the JSSE cipher names
    • setHonorCipherOrder

      public void setHonorCipherOrder(String honorCipherOrder)
    • getHonorCipherOrder

      public String getHonorCipherOrder()
    • setHostName

      public void setHostName(String hostName)
    • getHostName

      public String getHostName()
      Returns:
      The host name associated with this SSL configuration - always in lower case.
    • setProtocols

      public void setProtocols(String input)
    • getProtocols

      public Set<String> getProtocols()
    • setSessionCacheSize

      public void setSessionCacheSize(int sessionCacheSize)
    • getSessionCacheSize

      public int getSessionCacheSize()
    • setSessionTimeout

      public void setSessionTimeout(int sessionTimeout)
    • getSessionTimeout

      public int getSessionTimeout()
    • getCertificateKeyAlias

      public String getCertificateKeyAlias()
    • setCertificateKeyAlias

      public void setCertificateKeyAlias(String certificateKeyAlias)
    • getCertificateKeystoreFile

      public String getCertificateKeystoreFile()
    • setCertificateKeystoreFile

      public void setCertificateKeystoreFile(String certificateKeystoreFile)
    • getCertificateKeystorePassword

      public String getCertificateKeystorePassword()
    • setCertificateKeystorePassword

      public void setCertificateKeystorePassword(String certificateKeystorePassword)
    • getCertificateKeystorePasswordFile

      public String getCertificateKeystorePasswordFile()
    • setCertificateKeystorePasswordFile

      public void setCertificateKeystorePasswordFile(String certificateKeystorePasswordFile)
    • getCertificateKeystoreProvider

      public String getCertificateKeystoreProvider()
    • setCertificateKeystoreProvider

      public void setCertificateKeystoreProvider(String certificateKeystoreProvider)
    • getCertificateKeystoreType

      public String getCertificateKeystoreType()
    • setCertificateKeystoreType

      public void setCertificateKeystoreType(String certificateKeystoreType)
    • setKeyManagerAlgorithm

      public void setKeyManagerAlgorithm(String keyManagerAlgorithm)
    • getKeyManagerAlgorithm

      public String getKeyManagerAlgorithm()
    • setRevocationEnabled

      public void setRevocationEnabled(boolean revocationEnabled)
    • getRevocationEnabled

      public boolean getRevocationEnabled()
    • setSslProtocol

      public void setSslProtocol(String sslProtocol)
    • getSslProtocol

      public String getSslProtocol()
    • setTrustManagerClassName

      public void setTrustManagerClassName(String trustManagerClassName)
    • getTrustManagerClassName

      public String getTrustManagerClassName()
    • setTruststoreAlgorithm

      public void setTruststoreAlgorithm(String truststoreAlgorithm)
    • getTruststoreAlgorithm

      public String getTruststoreAlgorithm()
    • setTruststoreFile

      public void setTruststoreFile(String truststoreFile)
    • getTruststoreFile

      public String getTruststoreFile()
    • setTruststorePassword

      public void setTruststorePassword(String truststorePassword)
    • getTruststorePassword

      public String getTruststorePassword()
    • setTruststoreProvider

      public void setTruststoreProvider(String truststoreProvider)
    • getTruststoreProvider

      public String getTruststoreProvider()
    • setTruststoreType

      public void setTruststoreType(String truststoreType)
    • getTruststoreType

      public String getTruststoreType()
    • setTrustStore

      public void setTrustStore(KeyStore truststore)
    • getTruststore

      public KeyStore getTruststore() throws IOException
      Throws:
      IOException
    • getCertificateChainFile

      public String getCertificateChainFile()
    • setCertificateChainFile

      public void setCertificateChainFile(String certificateChainFile)
    • getCertificateFile

      public String getCertificateFile()
    • setCertificateFile

      public void setCertificateFile(String certificateFile)
    • getCertificateKeyFile

      public String getCertificateKeyFile()
    • setCertificateKeyFile

      public void setCertificateKeyFile(String certificateKeyFile)
    • setCertificateRevocationListPath

      public void setCertificateRevocationListPath(String certificateRevocationListPath)
    • getCertificateRevocationListPath

      public String getCertificateRevocationListPath()
    • setCaCertificateFile

      public void setCaCertificateFile(String caCertificateFile)
    • getCaCertificateFile

      public String getCaCertificateFile()
    • setCaCertificatePath

      public void setCaCertificatePath(String caCertificatePath)
    • getCaCertificatePath

      public String getCaCertificatePath()
    • setDisableCompression

      public void setDisableCompression(boolean disableCompression)
    • getDisableCompression

      public boolean getDisableCompression()
    • setDisableSessionTickets

      public void setDisableSessionTickets(boolean disableSessionTickets)
    • getDisableSessionTickets

      public boolean getDisableSessionTickets()
    • setInsecureRenegotiation

      public void setInsecureRenegotiation(boolean insecureRenegotiation)
    • getInsecureRenegotiation

      public boolean getInsecureRenegotiation()
    • certificatesExpiringBefore

      public Set<X509Certificate> certificatesExpiringBefore(Date date)
    • adjustRelativePath

      public static String adjustRelativePath(String path) throws FileNotFoundException
      Throws:
      FileNotFoundException