Class SSLHostConfig
java.lang.Object
org.apache.tomcat.util.net.SSLHostConfig
- All Implemented Interfaces:
Serializable
Represents the TLS configuration for a virtual host.
- See Also:
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionstatic enumstatic enum -
Field Summary
Fields -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionvoidaddCertificate(SSLHostConfigCertificate certificate) static StringadjustRelativePath(String path) Deprecated.Obtain the prefered Certificate and call this method, there.Deprecated.Obtain the prefered Certificate and call this method, there.Deprecated.Obtain the prefered Certificate and call this method, there.Deprecated.Obtain the prefered Certificate and call this method, there.Deprecated.Obtain the prefered Certificate and call this method, there.Deprecated.Obtain the prefered Certificate and call this method, there.Deprecated.Obtain the prefered Certificate and call this method, there.Deprecated.Obtain the prefered Certificate and call this method, there.getCertificates(boolean createDefaultIfEmpty) intbooleanbooleanString[]String[]booleanbooleanObtain the list of JSSE cipher names for the current configuration.booleanintintbooleanbooleanvoidsetCaCertificateFile(String caCertificateFile) voidsetCaCertificatePath(String caCertificatePath) voidsetCertificateChainFile(String certificateChainFile) voidsetCertificateFile(String certificateFile) voidsetCertificateKeyAlias(String certificateKeyAlias) Deprecated.Obtain the prefered Certificate and call this method, there.voidsetCertificateKeyFile(String certificateKeyFile) voidsetCertificateKeyPassword(String certificateKeyPassword) Deprecated.Obtain the prefered Certificate and call this method, there.voidsetCertificateKeyPasswordFile(String certificateKeyPasswordFile) Deprecated.Obtain the prefered Certificate and call this method, there.voidsetCertificateKeystoreFile(String certificateKeystoreFile) Deprecated.Obtain the prefered Certificate and call this method, there.voidsetCertificateKeystorePassword(String certificateKeystorePassword) Deprecated.Obtain the prefered Certificate and call this method, there.voidsetCertificateKeystorePasswordFile(String certificateKeystorePasswordFile) Deprecated.Obtain the prefered Certificate and call this method, there.voidsetCertificateKeystoreProvider(String certificateKeystoreProvider) Deprecated.Obtain the prefered Certificate and call this method, there.voidsetCertificateKeystoreType(String certificateKeystoreType) Deprecated.Obtain the prefered Certificate and call this method, there.voidsetCertificateRevocationListFile(String certificateRevocationListFile) voidsetCertificateRevocationListPath(String certificateRevocationListPath) voidsetCertificateVerification(String certificateVerification) voidsetCertificateVerificationAsString(String certificateVerification) voidsetCertificateVerificationDepth(int certificateVerificationDepth) voidsetCiphers(String ciphersList) Set the new cipher configuration.voidsetDisableCompression(boolean disableCompression) voidsetDisableSessionTickets(boolean disableSessionTickets) voidsetEnabledCiphers(String[] enabledCiphers) voidsetEnabledProtocols(String[] enabledProtocols) voidsetHonorCipherOrder(boolean honorCipherOrder) voidsetHostName(String hostName) voidsetInsecureRenegotiation(boolean insecureRenegotiation) voidsetKeyManagerAlgorithm(String keyManagerAlgorithm) voidsetObjectName(ObjectName oname) voidsetOpenSslConf(OpenSSLConf conf) voidsetOpenSslConfContext(Long openSslConfContext) voidsetOpenSslContext(Long openSslContext) voidsetProtocols(String input) voidsetRevocationEnabled(boolean revocationEnabled) voidsetSessionCacheSize(int sessionCacheSize) voidsetSessionTimeout(int sessionTimeout) voidsetSslProtocol(String sslProtocol) voidsetTls13RenegotiationAvailable(boolean tls13RenegotiationAvailable) voidsetTrustManagerClassName(String trustManagerClassName) voidsetTrustStore(KeyStore truststore) voidsetTruststoreAlgorithm(String truststoreAlgorithm) voidsetTruststoreFile(String truststoreFile) voidsetTruststorePassword(String truststorePassword) voidsetTruststoreProvider(String truststoreProvider) voidsetTruststoreType(String truststoreType)
-
Field Details
-
DEFAULT_SSL_HOST_NAME
- See Also:
-
SSL_PROTO_ALL_SET
-
DEFAULT_TLS_CIPHERS
- See Also:
-
-
Constructor Details
-
SSLHostConfig
public SSLHostConfig()
-
-
Method Details
-
isTls13RenegotiationAvailable
public boolean isTls13RenegotiationAvailable() -
setTls13RenegotiationAvailable
public void setTls13RenegotiationAvailable(boolean tls13RenegotiationAvailable) -
getOpenSslConfContext
-
setOpenSslConfContext
-
getOpenSslContext
-
setOpenSslContext
-
getConfigType
-
getEnabledProtocols
- Returns:
- The protocols enabled for this TLS virtual host
- See Also:
-
setEnabledProtocols
-
getEnabledCiphers
- Returns:
- The ciphers enabled for this TLS virtual host
- See Also:
-
setEnabledCiphers
-
getObjectName
-
setObjectName
-
addCertificate
-
getOpenSslConf
-
setOpenSslConf
-
getCertificates
-
getCertificates
-
getCertificateKeyPassword
Deprecated.Obtain the prefered Certificate and call this method, there.- Returns:
- The default certificate key password.
-
setCertificateKeyPassword
Deprecated.Obtain the prefered Certificate and call this method, there.- Parameters:
certificateKeyPassword- The password for the default certificate's key.
-
getCertificateKeyPasswordFile
Deprecated.Obtain the prefered Certificate and call this method, there.- Returns:
- The password for the default certificate's key.
-
setCertificateKeyPasswordFile
Deprecated.Obtain the prefered Certificate and call this method, there.- Parameters:
certificateKeyPasswordFile- The file containing the password for the default certificate's key.
-
setCertificateRevocationListFile
-
getCertificateRevocationListFile
-
setCertificateVerification
-
getCertificateVerification
-
setCertificateVerificationAsString
-
getCertificateVerificationAsString
-
setCertificateVerificationDepth
public void setCertificateVerificationDepth(int certificateVerificationDepth) -
getCertificateVerificationDepth
public int getCertificateVerificationDepth() -
isCertificateVerificationDepthConfigured
public boolean isCertificateVerificationDepthConfigured() -
setCiphers
Set the new cipher configuration. Note: Regardless of the format used to set the configuration, it is always stored in OpenSSL format.- Parameters:
ciphersList- The new cipher configuration in OpenSSL or JSSE format
-
getCiphers
- Returns:
- An OpenSSL cipher string for the current configuration.
-
getCipherList
-
getJsseCipherNames
-
setHonorCipherOrder
public void setHonorCipherOrder(boolean honorCipherOrder) -
getHonorCipherOrder
public boolean getHonorCipherOrder() -
setHostName
-
getHostName
- Returns:
- The host name associated with this SSL configuration - always in lower case.
-
setProtocols
-
getProtocols
-
setSessionCacheSize
public void setSessionCacheSize(int sessionCacheSize) -
getSessionCacheSize
public int getSessionCacheSize() -
setSessionTimeout
public void setSessionTimeout(int sessionTimeout) -
getSessionTimeout
public int getSessionTimeout() -
getCertificateKeyAlias
Deprecated.Obtain the prefered Certificate and call this method, there.- Returns:
- The key alias for the default certificate key.
-
setCertificateKeyAlias
Deprecated.Obtain the prefered Certificate and call this method, there.- Parameters:
certificateKeyAlias- The alias of the certificate key.
-
getCertificateKeystoreFile
Deprecated.Obtain the prefered Certificate and call this method, there.- Returns:
- The keystore file for the default certificate.
-
setCertificateKeystoreFile
Deprecated.Obtain the prefered Certificate and call this method, there.- Parameters:
certificateKeystoreFile- The file containing the certificate keystore.
-
getCertificateKeystorePassword
Deprecated.Obtain the prefered Certificate and call this method, there.- Returns:
- The password for the default certificate's keystore.
-
setCertificateKeystorePassword
Deprecated.Obtain the prefered Certificate and call this method, there.- Parameters:
certificateKeystorePassword- The password for the certificate keystore.
-
getCertificateKeystorePasswordFile
Deprecated.Obtain the prefered Certificate and call this method, there.- Returns:
- The file containing the default certificate's keystore password.
-
setCertificateKeystorePasswordFile
Deprecated.Obtain the prefered Certificate and call this method, there.- Parameters:
certificateKeystorePasswordFile- The file containing the default certificate's keystore password.
-
getCertificateKeystoreProvider
Deprecated.Obtain the prefered Certificate and call this method, there.- Returns:
- The provider for the default certificate's keystore.
-
setCertificateKeystoreProvider
Deprecated.Obtain the prefered Certificate and call this method, there.- Parameters:
certificateKeystoreProvider- The provider for the default certificate's keystore.
-
getCertificateKeystoreType
Deprecated.Obtain the prefered Certificate and call this method, there.- Returns:
- The type of the default certificate's keystore.
-
setCertificateKeystoreType
Deprecated.Obtain the prefered Certificate and call this method, there.- Parameters:
certificateKeystoreType- The type of the default certificate's keystore.
-
setKeyManagerAlgorithm
-
getKeyManagerAlgorithm
-
setRevocationEnabled
public void setRevocationEnabled(boolean revocationEnabled) -
getRevocationEnabled
public boolean getRevocationEnabled() -
setSslProtocol
-
getSslProtocol
-
setTrustManagerClassName
-
getTrustManagerClassName
-
setTruststoreAlgorithm
-
getTruststoreAlgorithm
-
setTruststoreFile
-
getTruststoreFile
-
setTruststorePassword
-
getTruststorePassword
-
setTruststoreProvider
-
getTruststoreProvider
-
setTruststoreType
-
getTruststoreType
-
setTrustStore
-
getTruststore
- Throws:
IOException
-
getCertificateChainFile
-
setCertificateChainFile
-
getCertificateFile
-
setCertificateFile
-
getCertificateKeyFile
-
setCertificateKeyFile
-
setCertificateRevocationListPath
-
getCertificateRevocationListPath
-
setCaCertificateFile
-
getCaCertificateFile
-
setCaCertificatePath
-
getCaCertificatePath
-
setDisableCompression
public void setDisableCompression(boolean disableCompression) -
getDisableCompression
public boolean getDisableCompression() -
setDisableSessionTickets
public void setDisableSessionTickets(boolean disableSessionTickets) -
getDisableSessionTickets
public boolean getDisableSessionTickets() -
setInsecureRenegotiation
public void setInsecureRenegotiation(boolean insecureRenegotiation) -
getInsecureRenegotiation
public boolean getInsecureRenegotiation() -
certificatesExpiringBefore
-
adjustRelativePath
- Throws:
FileNotFoundException
-