Package org.apache.tomcat.util.net
Class SSLHostConfig
java.lang.Object
org.apache.tomcat.util.net.SSLHostConfig
- All Implemented Interfaces:
- Serializable
Represents the TLS configuration for a virtual host.
- See Also:
- 
Nested Class SummaryNested ClassesModifier and TypeClassDescriptionstatic enumstatic enum
- 
Field SummaryFields
- 
Constructor SummaryConstructors
- 
Method SummaryModifier and TypeMethodDescriptionvoidaddCertificate(SSLHostConfigCertificate certificate) static StringadjustRelativePath(String path) Deprecated.Obtain the prefered Certificate and call this method, there.Deprecated.Obtain the prefered Certificate and call this method, there.Deprecated.Obtain the prefered Certificate and call this method, there.Deprecated.Obtain the prefered Certificate and call this method, there.Deprecated.Obtain the prefered Certificate and call this method, there.Deprecated.Obtain the prefered Certificate and call this method, there.Deprecated.Obtain the prefered Certificate and call this method, there.Deprecated.Obtain the prefered Certificate and call this method, there.getCertificates(boolean createDefaultIfEmpty) intbooleanbooleanString[]String[]booleanbooleanObtain the list of JSSE cipher names for the current configuration.booleanintintbooleanbooleanvoidsetCaCertificateFile(String caCertificateFile) voidsetCaCertificatePath(String caCertificatePath) voidsetCertificateChainFile(String certificateChainFile) voidsetCertificateFile(String certificateFile) voidsetCertificateKeyAlias(String certificateKeyAlias) Deprecated.Obtain the prefered Certificate and call this method, there.voidsetCertificateKeyFile(String certificateKeyFile) voidsetCertificateKeyPassword(String certificateKeyPassword) Deprecated.Obtain the prefered Certificate and call this method, there.voidsetCertificateKeyPasswordFile(String certificateKeyPasswordFile) Deprecated.Obtain the prefered Certificate and call this method, there.voidsetCertificateKeystoreFile(String certificateKeystoreFile) Deprecated.Obtain the prefered Certificate and call this method, there.voidsetCertificateKeystorePassword(String certificateKeystorePassword) Deprecated.Obtain the prefered Certificate and call this method, there.voidsetCertificateKeystorePasswordFile(String certificateKeystorePasswordFile) Deprecated.Obtain the prefered Certificate and call this method, there.voidsetCertificateKeystoreProvider(String certificateKeystoreProvider) Deprecated.Obtain the prefered Certificate and call this method, there.voidsetCertificateKeystoreType(String certificateKeystoreType) Deprecated.Obtain the prefered Certificate and call this method, there.voidsetCertificateRevocationListFile(String certificateRevocationListFile) voidsetCertificateRevocationListPath(String certificateRevocationListPath) voidsetCertificateVerification(String certificateVerification) voidsetCertificateVerificationAsString(String certificateVerification) voidsetCertificateVerificationDepth(int certificateVerificationDepth) voidsetCiphers(String ciphersList) Set the new cipher configuration.voidsetDisableCompression(boolean disableCompression) voidsetDisableSessionTickets(boolean disableSessionTickets) voidsetEnabledCiphers(String[] enabledCiphers) voidsetEnabledProtocols(String[] enabledProtocols) voidsetHonorCipherOrder(boolean honorCipherOrder) voidsetHostName(String hostName) voidsetInsecureRenegotiation(boolean insecureRenegotiation) voidsetKeyManagerAlgorithm(String keyManagerAlgorithm) voidsetObjectName(ObjectName oname) voidsetOpenSslConf(OpenSSLConf conf) voidsetOpenSslConfContext(Long openSslConfContext) voidsetOpenSslContext(Long openSslContext) voidsetProtocols(String input) voidsetRevocationEnabled(boolean revocationEnabled) voidsetSessionCacheSize(int sessionCacheSize) voidsetSessionTimeout(int sessionTimeout) voidsetSslProtocol(String sslProtocol) voidsetTls13RenegotiationAvailable(boolean tls13RenegotiationAvailable) voidsetTrustManagerClassName(String trustManagerClassName) voidsetTrustStore(KeyStore truststore) voidsetTruststoreAlgorithm(String truststoreAlgorithm) voidsetTruststoreFile(String truststoreFile) voidsetTruststorePassword(String truststorePassword) voidsetTruststoreProvider(String truststoreProvider) voidsetTruststoreType(String truststoreType) 
- 
Field Details- 
DEFAULT_SSL_HOST_NAME- See Also:
 
- 
SSL_PROTO_ALL_SET
- 
DEFAULT_TLS_CIPHERS- See Also:
 
 
- 
- 
Constructor Details- 
SSLHostConfigpublic SSLHostConfig()
 
- 
- 
Method Details- 
isTls13RenegotiationAvailablepublic boolean isTls13RenegotiationAvailable()
- 
setTls13RenegotiationAvailablepublic void setTls13RenegotiationAvailable(boolean tls13RenegotiationAvailable) 
- 
getOpenSslConfContext
- 
setOpenSslConfContext
- 
getOpenSslContext
- 
setOpenSslContext
- 
getConfigType
- 
getEnabledProtocols- Returns:
- The protocols enabled for this TLS virtual host
- See Also:
 
- 
setEnabledProtocols
- 
getEnabledCiphers- Returns:
- The ciphers enabled for this TLS virtual host
- See Also:
 
- 
setEnabledCiphers
- 
getObjectName
- 
setObjectName
- 
addCertificate
- 
getOpenSslConf
- 
setOpenSslConf
- 
getCertificates
- 
getCertificates
- 
getCertificateKeyPasswordDeprecated.Obtain the prefered Certificate and call this method, there.- Returns:
- The default certificate key password.
 
- 
setCertificateKeyPasswordDeprecated.Obtain the prefered Certificate and call this method, there.- Parameters:
- certificateKeyPassword- The password for the default certificate's key.
 
- 
getCertificateKeyPasswordFileDeprecated.Obtain the prefered Certificate and call this method, there.- Returns:
- The password for the default certificate's key.
 
- 
setCertificateKeyPasswordFileDeprecated.Obtain the prefered Certificate and call this method, there.- Parameters:
- certificateKeyPasswordFile- The file containing the password for the default certificate's key.
 
- 
setCertificateRevocationListFile
- 
getCertificateRevocationListFile
- 
setCertificateVerification
- 
getCertificateVerification
- 
setCertificateVerificationAsString
- 
getCertificateVerificationAsString
- 
setCertificateVerificationDepthpublic void setCertificateVerificationDepth(int certificateVerificationDepth) 
- 
getCertificateVerificationDepthpublic int getCertificateVerificationDepth()
- 
isCertificateVerificationDepthConfiguredpublic boolean isCertificateVerificationDepthConfigured()
- 
setCiphersSet the new cipher configuration. Note: Regardless of the format used to set the configuration, it is always stored in OpenSSL format.- Parameters:
- ciphersList- The new cipher configuration in OpenSSL or JSSE format
 
- 
getCiphers- Returns:
- An OpenSSL cipher string for the current configuration.
 
- 
getCipherList
- 
getJsseCipherNamesObtain the list of JSSE cipher names for the current configuration. Ciphers included in the configuration but not supported by JSSE will be excluded from this list.- Returns:
- A list of the JSSE cipher names
 
- 
setHonorCipherOrderpublic void setHonorCipherOrder(boolean honorCipherOrder) 
- 
getHonorCipherOrderpublic boolean getHonorCipherOrder()
- 
setHostName
- 
getHostName- Returns:
- The host name associated with this SSL configuration - always in lower case.
 
- 
setProtocols
- 
getProtocols
- 
setSessionCacheSizepublic void setSessionCacheSize(int sessionCacheSize) 
- 
getSessionCacheSizepublic int getSessionCacheSize()
- 
setSessionTimeoutpublic void setSessionTimeout(int sessionTimeout) 
- 
getSessionTimeoutpublic int getSessionTimeout()
- 
getCertificateKeyAliasDeprecated.Obtain the prefered Certificate and call this method, there.- Returns:
- The key alias for the default certificate key.
 
- 
setCertificateKeyAliasDeprecated.Obtain the prefered Certificate and call this method, there.- Parameters:
- certificateKeyAlias- The alias of the certificate key.
 
- 
getCertificateKeystoreFileDeprecated.Obtain the prefered Certificate and call this method, there.- Returns:
- The keystore file for the default certificate.
 
- 
setCertificateKeystoreFileDeprecated.Obtain the prefered Certificate and call this method, there.- Parameters:
- certificateKeystoreFile- The file containing the certificate keystore.
 
- 
getCertificateKeystorePasswordDeprecated.Obtain the prefered Certificate and call this method, there.- Returns:
- The password for the default certificate's keystore.
 
- 
setCertificateKeystorePasswordDeprecated.Obtain the prefered Certificate and call this method, there.- Parameters:
- certificateKeystorePassword- The password for the certificate keystore.
 
- 
getCertificateKeystorePasswordFileDeprecated.Obtain the prefered Certificate and call this method, there.- Returns:
- The file containing the default certificate's keystore password.
 
- 
setCertificateKeystorePasswordFileDeprecated.Obtain the prefered Certificate and call this method, there.- Parameters:
- certificateKeystorePasswordFile- The file containing the default certificate's keystore password.
 
- 
getCertificateKeystoreProviderDeprecated.Obtain the prefered Certificate and call this method, there.- Returns:
- The provider for the default certificate's keystore.
 
- 
setCertificateKeystoreProviderDeprecated.Obtain the prefered Certificate and call this method, there.- Parameters:
- certificateKeystoreProvider- The provider for the default certificate's keystore.
 
- 
getCertificateKeystoreTypeDeprecated.Obtain the prefered Certificate and call this method, there.- Returns:
- The type of the default certificate's keystore.
 
- 
setCertificateKeystoreTypeDeprecated.Obtain the prefered Certificate and call this method, there.- Parameters:
- certificateKeystoreType- The type of the default certificate's keystore.
 
- 
setKeyManagerAlgorithm
- 
getKeyManagerAlgorithm
- 
setRevocationEnabledpublic void setRevocationEnabled(boolean revocationEnabled) 
- 
getRevocationEnabledpublic boolean getRevocationEnabled()
- 
setSslProtocol
- 
getSslProtocol
- 
setTrustManagerClassName
- 
getTrustManagerClassName
- 
setTruststoreAlgorithm
- 
getTruststoreAlgorithm
- 
setTruststoreFile
- 
getTruststoreFile
- 
setTruststorePassword
- 
getTruststorePassword
- 
setTruststoreProvider
- 
getTruststoreProvider
- 
setTruststoreType
- 
getTruststoreType
- 
setTrustStore
- 
getTruststore- Throws:
- IOException
 
- 
getCertificateChainFile
- 
setCertificateChainFile
- 
getCertificateFile
- 
setCertificateFile
- 
getCertificateKeyFile
- 
setCertificateKeyFile
- 
setCertificateRevocationListPath
- 
getCertificateRevocationListPath
- 
setCaCertificateFile
- 
getCaCertificateFile
- 
setCaCertificatePath
- 
getCaCertificatePath
- 
setDisableCompressionpublic void setDisableCompression(boolean disableCompression) 
- 
getDisableCompressionpublic boolean getDisableCompression()
- 
setDisableSessionTicketspublic void setDisableSessionTickets(boolean disableSessionTickets) 
- 
getDisableSessionTicketspublic boolean getDisableSessionTickets()
- 
setInsecureRenegotiationpublic void setInsecureRenegotiation(boolean insecureRenegotiation) 
- 
getInsecureRenegotiationpublic boolean getInsecureRenegotiation()
- 
certificatesExpiringBefore
- 
adjustRelativePath- Throws:
- FileNotFoundException
 
 
-