Package org.apache.tomcat.util.net

Class SSLHostConfig

java.lang.Object
org.apache.tomcat.util.net.SSLHostConfig
All Implemented Interfaces:
Serializable
public class SSLHostConfig extends Object implements Serializable
Represents the TLS configuration for a virtual host.
See Also:

  • Field Details

  • Constructor Details

    • SSLHostConfig

      public SSLHostConfig()

  • Method Details

    • isTls13RenegotiationAvailable

      public boolean isTls13RenegotiationAvailable()

    • setTls13RenegotiationAvailable

      public void setTls13RenegotiationAvailable(boolean tls13RenegotiationAvailable)

    • getOpenSslConfContext

      public Long getOpenSslConfContext()

    • setOpenSslConfContext

      public void setOpenSslConfContext(Long openSslConfContext)

    • getOpenSslContext

      public Long getOpenSslContext()

    • setOpenSslContext

      public void setOpenSslContext(Long openSslContext)

    • getConfigType

      public String getConfigType()

    • getEnabledProtocols

      public String[] getEnabledProtocols()
      Returns:
      The protocols enabled for this TLS virtual host
      See Also:

    • setEnabledProtocols

      public void setEnabledProtocols(String[] enabledProtocols)

    • getEnabledCiphers

      public String[] getEnabledCiphers()
      Returns:
      The ciphers enabled for this TLS virtual host
      See Also:

    • setEnabledCiphers

      public void setEnabledCiphers(String[] enabledCiphers)

    • getObjectName

      public ObjectName getObjectName()

    • setObjectName

      public void setObjectName(ObjectName oname)

    • addCertificate

      public void addCertificate(SSLHostConfigCertificate certificate)

    • getOpenSslConf

      public OpenSSLConf getOpenSslConf()

    • setOpenSslConf

      public void setOpenSslConf(OpenSSLConf conf)

    • getCertificates

      public Set<SSLHostConfigCertificate> getCertificates()

    • getCertificates

      public Set<SSLHostConfigCertificate> getCertificates(boolean createDefaultIfEmpty)

    • getCertificateKeyPassword

      @Deprecated public String getCertificateKeyPassword()
      Deprecated.
      Obtain the prefered Certificate and call this method, there.
      Returns:
      The default certificate key password.

    • setCertificateKeyPassword

      @Deprecated public void setCertificateKeyPassword(String certificateKeyPassword)
      Deprecated.
      Obtain the prefered Certificate and call this method, there.
      Parameters:
      certificateKeyPassword - The password for the default certificate's key.

    • getCertificateKeyPasswordFile

      @Deprecated public String getCertificateKeyPasswordFile()
      Deprecated.
      Obtain the prefered Certificate and call this method, there.
      Returns:
      The password for the default certificate's key.

    • setCertificateKeyPasswordFile

      @Deprecated public void setCertificateKeyPasswordFile(String certificateKeyPasswordFile)
      Deprecated.
      Obtain the prefered Certificate and call this method, there.
      Parameters:
      certificateKeyPasswordFile - The file containing the password for the default certificate's key.

    • setCertificateRevocationListFile

      public void setCertificateRevocationListFile(String certificateRevocationListFile)

    • getCertificateRevocationListFile

      public String getCertificateRevocationListFile()

    • setCertificateVerification

      public void setCertificateVerification(String certificateVerification)

    • getCertificateVerification

      public SSLHostConfig.CertificateVerification getCertificateVerification()

    • setCertificateVerificationAsString

      public void setCertificateVerificationAsString(String certificateVerification)

    • getCertificateVerificationAsString

      public String getCertificateVerificationAsString()

    • setCertificateVerificationDepth

      public void setCertificateVerificationDepth(int certificateVerificationDepth)

    • getCertificateVerificationDepth

      public int getCertificateVerificationDepth()

    • isCertificateVerificationDepthConfigured

      public boolean isCertificateVerificationDepthConfigured()

    • setCiphers

      public void setCiphers(String ciphersList)
      Set the new cipher configuration. Note: Regardless of the format used to set the configuration, it is always stored in OpenSSL format.
      Parameters:
      ciphersList - The new cipher configuration in OpenSSL or JSSE format

    • getCiphers

      public String getCiphers()
      Returns:
      An OpenSSL cipher string for the current configuration.

    • getCipherList

      public LinkedHashSet<Cipher> getCipherList()

    • getJsseCipherNames

      public List<String> getJsseCipherNames()
      Obtain the list of JSSE cipher names for the current configuration. Ciphers included in the configuration but not supported by JSSE will be excluded from this list.
      Returns:
      A list of the JSSE cipher names

    • setHonorCipherOrder

      public void setHonorCipherOrder(boolean honorCipherOrder)

    • getHonorCipherOrder

      public boolean getHonorCipherOrder()

    • setHostName

      public void setHostName(String hostName)

    • getHostName

      public String getHostName()
      Returns:
      The host name associated with this SSL configuration - always in lower case.

    • setProtocols

      public void setProtocols(String input)

    • getProtocols

      public Set<String> getProtocols()

    • setSessionCacheSize

      public void setSessionCacheSize(int sessionCacheSize)

    • getSessionCacheSize

      public int getSessionCacheSize()

    • setSessionTimeout

      public void setSessionTimeout(int sessionTimeout)

    • getSessionTimeout

      public int getSessionTimeout()

    • getCertificateKeyAlias

      @Deprecated public String getCertificateKeyAlias()
      Deprecated.
      Obtain the prefered Certificate and call this method, there.
      Returns:
      The key alias for the default certificate key.

    • setCertificateKeyAlias

      @Deprecated public void setCertificateKeyAlias(String certificateKeyAlias)
      Deprecated.
      Obtain the prefered Certificate and call this method, there.
      Parameters:
      certificateKeyAlias - The alias of the certificate key.

    • getCertificateKeystoreFile

      @Deprecated public String getCertificateKeystoreFile()
      Deprecated.
      Obtain the prefered Certificate and call this method, there.
      Returns:
      The keystore file for the default certificate.

    • setCertificateKeystoreFile

      @Deprecated public void setCertificateKeystoreFile(String certificateKeystoreFile)
      Deprecated.
      Obtain the prefered Certificate and call this method, there.
      Parameters:
      certificateKeystoreFile - The file containing the certificate keystore.

    • getCertificateKeystorePassword

      @Deprecated public String getCertificateKeystorePassword()
      Deprecated.
      Obtain the prefered Certificate and call this method, there.
      Returns:
      The password for the default certificate's keystore.

    • setCertificateKeystorePassword

      @Deprecated public void setCertificateKeystorePassword(String certificateKeystorePassword)
      Deprecated.
      Obtain the prefered Certificate and call this method, there.
      Parameters:
      certificateKeystorePassword - The password for the certificate keystore.

    • getCertificateKeystorePasswordFile

      @Deprecated public String getCertificateKeystorePasswordFile()
      Deprecated.
      Obtain the prefered Certificate and call this method, there.
      Returns:
      The file containing the default certificate's keystore password.

    • setCertificateKeystorePasswordFile

      @Deprecated public void setCertificateKeystorePasswordFile(String certificateKeystorePasswordFile)
      Deprecated.
      Obtain the prefered Certificate and call this method, there.
      Parameters:
      certificateKeystorePasswordFile - The file containing the default certificate's keystore password.

    • getCertificateKeystoreProvider

      @Deprecated public String getCertificateKeystoreProvider()
      Deprecated.
      Obtain the prefered Certificate and call this method, there.
      Returns:
      The provider for the default certificate's keystore.

    • setCertificateKeystoreProvider

      @Deprecated public void setCertificateKeystoreProvider(String certificateKeystoreProvider)
      Deprecated.
      Obtain the prefered Certificate and call this method, there.
      Parameters:
      certificateKeystoreProvider - The provider for the default certificate's keystore.

    • getCertificateKeystoreType

      @Deprecated public String getCertificateKeystoreType()
      Deprecated.
      Obtain the prefered Certificate and call this method, there.
      Returns:
      The type of the default certificate's keystore.

    • setCertificateKeystoreType

      @Deprecated public void setCertificateKeystoreType(String certificateKeystoreType)
      Deprecated.
      Obtain the prefered Certificate and call this method, there.
      Parameters:
      certificateKeystoreType - The type of the default certificate's keystore.

    • setKeyManagerAlgorithm

      public void setKeyManagerAlgorithm(String keyManagerAlgorithm)

    • getKeyManagerAlgorithm

      public String getKeyManagerAlgorithm()

    • setRevocationEnabled

      public void setRevocationEnabled(boolean revocationEnabled)

    • getRevocationEnabled

      public boolean getRevocationEnabled()

    • setSslProtocol

      public void setSslProtocol(String sslProtocol)

    • getSslProtocol

      public String getSslProtocol()

    • setTrustManagerClassName

      public void setTrustManagerClassName(String trustManagerClassName)

    • getTrustManagerClassName

      public String getTrustManagerClassName()

    • setTruststoreAlgorithm

      public void setTruststoreAlgorithm(String truststoreAlgorithm)

    • getTruststoreAlgorithm

      public String getTruststoreAlgorithm()

    • setTruststoreFile

      public void setTruststoreFile(String truststoreFile)

    • getTruststoreFile

      public String getTruststoreFile()

    • setTruststorePassword

      public void setTruststorePassword(String truststorePassword)

    • getTruststorePassword

      public String getTruststorePassword()

    • setTruststoreProvider

      public void setTruststoreProvider(String truststoreProvider)

    • getTruststoreProvider

      public String getTruststoreProvider()

    • setTruststoreType

      public void setTruststoreType(String truststoreType)

    • getTruststoreType

      public String getTruststoreType()

    • setTrustStore

      public void setTrustStore(KeyStore truststore)

    • getTruststore

      public KeyStore getTruststore() throws IOException
      Throws:
      IOException

    • getCertificateChainFile

      public String getCertificateChainFile()

    • setCertificateChainFile

      public void setCertificateChainFile(String certificateChainFile)

    • getCertificateFile

      public String getCertificateFile()

    • setCertificateFile

      public void setCertificateFile(String certificateFile)

    • getCertificateKeyFile

      public String getCertificateKeyFile()

    • setCertificateKeyFile

      public void setCertificateKeyFile(String certificateKeyFile)

    • setCertificateRevocationListPath

      public void setCertificateRevocationListPath(String certificateRevocationListPath)

    • getCertificateRevocationListPath

      public String getCertificateRevocationListPath()

    • setCaCertificateFile

      public void setCaCertificateFile(String caCertificateFile)

    • getCaCertificateFile

      public String getCaCertificateFile()

    • setCaCertificatePath

      public void setCaCertificatePath(String caCertificatePath)

    • getCaCertificatePath

      public String getCaCertificatePath()

    • setDisableCompression

      public void setDisableCompression(boolean disableCompression)

    • getDisableCompression

      public boolean getDisableCompression()

    • setDisableSessionTickets

      public void setDisableSessionTickets(boolean disableSessionTickets)

    • getDisableSessionTickets

      public boolean getDisableSessionTickets()

    • setInsecureRenegotiation

      public void setInsecureRenegotiation(boolean insecureRenegotiation)

    • getInsecureRenegotiation

      public boolean getInsecureRenegotiation()

    • certificatesExpiringBefore

      public Set<X509Certificate> certificatesExpiringBefore(Date date)

    • adjustRelativePath

      public static String adjustRelativePath(String path) throws FileNotFoundException
      Throws:
      FileNotFoundException