Package org.apache.tomcat.util.net
Class SSLHostConfig
- java.lang.Object
-
- org.apache.tomcat.util.net.SSLHostConfig
-
- All Implemented Interfaces:
java.io.Serializable
public class SSLHostConfig extends java.lang.Object implements java.io.SerializableRepresents the TLS configuration for a virtual host.- See Also:
- Serialized Form
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static classSSLHostConfig.CertificateVerificationstatic classSSLHostConfig.Type
-
Field Summary
Fields Modifier and Type Field Description protected static java.lang.StringDEFAULT_SSL_HOST_NAMEstatic java.lang.StringDEFAULT_TLS_CIPHERSprotected static java.util.Set<java.lang.String>SSL_PROTO_ALL_SET
-
Constructor Summary
Constructors Constructor Description SSLHostConfig()
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description voidaddCertificate(SSLHostConfigCertificate certificate)static java.lang.StringadjustRelativePath(java.lang.String path)java.lang.StringgetCaCertificateFile()java.lang.StringgetCaCertificatePath()java.lang.StringgetCertificateChainFile()java.lang.StringgetCertificateFile()java.lang.StringgetCertificateKeyAlias()java.lang.StringgetCertificateKeyFile()java.lang.StringgetCertificateKeyPassword()java.lang.StringgetCertificateKeystoreFile()java.lang.StringgetCertificateKeystorePassword()java.lang.StringgetCertificateKeystoreProvider()java.lang.StringgetCertificateKeystoreType()java.lang.StringgetCertificateRevocationListFile()java.lang.StringgetCertificateRevocationListPath()java.util.Set<SSLHostConfigCertificate>getCertificates()java.util.Set<SSLHostConfigCertificate>getCertificates(boolean createDefaultIfEmpty)SSLHostConfig.CertificateVerificationgetCertificateVerification()java.lang.StringgetCertificateVerificationAsString()intgetCertificateVerificationDepth()java.util.LinkedHashSet<Cipher>getCipherList()java.lang.StringgetCiphers()java.lang.StringgetConfigType()booleangetDisableCompression()booleangetDisableSessionTickets()java.lang.String[]getEnabledCiphers()java.lang.String[]getEnabledProtocols()java.lang.StringgetHonorCipherOrder()java.lang.StringgetHostName()booleangetInsecureRenegotiation()java.util.List<java.lang.String>getJsseCipherNames()Obtain the list of JSSE cipher names for the current configuration.java.lang.StringgetKeyManagerAlgorithm()javax.management.ObjectNamegetObjectName()OpenSSLConfgetOpenSslConf()java.lang.LonggetOpenSslConfContext()java.lang.LonggetOpenSslContext()java.util.Set<java.lang.String>getProtocols()booleangetRevocationEnabled()intgetSessionCacheSize()intgetSessionTimeout()java.lang.StringgetSslProtocol()java.lang.StringgetTrustManagerClassName()java.security.KeyStoregetTruststore()java.lang.StringgetTruststoreAlgorithm()java.lang.StringgetTruststoreFile()java.lang.StringgetTruststorePassword()java.lang.StringgetTruststoreProvider()java.lang.StringgetTruststoreType()booleanisCertificateVerificationDepthConfigured()booleanisTls13RenegotiationAvailable()voidsetCaCertificateFile(java.lang.String caCertificateFile)voidsetCaCertificatePath(java.lang.String caCertificatePath)voidsetCertificateChainFile(java.lang.String certificateChainFile)voidsetCertificateFile(java.lang.String certificateFile)voidsetCertificateKeyAlias(java.lang.String certificateKeyAlias)voidsetCertificateKeyFile(java.lang.String certificateKeyFile)voidsetCertificateKeyPassword(java.lang.String certificateKeyPassword)voidsetCertificateKeystoreFile(java.lang.String certificateKeystoreFile)voidsetCertificateKeystorePassword(java.lang.String certificateKeystorePassword)voidsetCertificateKeystoreProvider(java.lang.String certificateKeystoreProvider)voidsetCertificateKeystoreType(java.lang.String certificateKeystoreType)voidsetCertificateRevocationListFile(java.lang.String certificateRevocationListFile)voidsetCertificateRevocationListPath(java.lang.String certificateRevocationListPath)voidsetCertificateVerification(java.lang.String certificateVerification)voidsetCertificateVerificationAsString(java.lang.String certificateVerification)voidsetCertificateVerificationDepth(int certificateVerificationDepth)voidsetCiphers(java.lang.String ciphersList)Set the new cipher configuration.voidsetDisableCompression(boolean disableCompression)voidsetDisableSessionTickets(boolean disableSessionTickets)voidsetEnabledCiphers(java.lang.String[] enabledCiphers)voidsetEnabledProtocols(java.lang.String[] enabledProtocols)voidsetHonorCipherOrder(java.lang.String honorCipherOrder)voidsetHostName(java.lang.String hostName)voidsetInsecureRenegotiation(boolean insecureRenegotiation)voidsetKeyManagerAlgorithm(java.lang.String keyManagerAlgorithm)voidsetObjectName(javax.management.ObjectName oname)voidsetOpenSslConf(OpenSSLConf conf)voidsetOpenSslConfContext(java.lang.Long openSslConfContext)voidsetOpenSslContext(java.lang.Long openSslContext)voidsetProtocols(java.lang.String input)voidsetRevocationEnabled(boolean revocationEnabled)voidsetSessionCacheSize(int sessionCacheSize)voidsetSessionTimeout(int sessionTimeout)voidsetSslProtocol(java.lang.String sslProtocol)voidsetTls13RenegotiationAvailable(boolean tls13RenegotiationAvailable)voidsetTrustManagerClassName(java.lang.String trustManagerClassName)voidsetTrustStore(java.security.KeyStore truststore)voidsetTruststoreAlgorithm(java.lang.String truststoreAlgorithm)voidsetTruststoreFile(java.lang.String truststoreFile)voidsetTruststorePassword(java.lang.String truststorePassword)voidsetTruststoreProvider(java.lang.String truststoreProvider)voidsetTruststoreType(java.lang.String truststoreType)
-
-
-
Field Detail
-
DEFAULT_SSL_HOST_NAME
protected static final java.lang.String DEFAULT_SSL_HOST_NAME
- See Also:
- Constant Field Values
-
SSL_PROTO_ALL_SET
protected static final java.util.Set<java.lang.String> SSL_PROTO_ALL_SET
-
DEFAULT_TLS_CIPHERS
public static final java.lang.String DEFAULT_TLS_CIPHERS
- See Also:
- Constant Field Values
-
-
Method Detail
-
isTls13RenegotiationAvailable
public boolean isTls13RenegotiationAvailable()
-
setTls13RenegotiationAvailable
public void setTls13RenegotiationAvailable(boolean tls13RenegotiationAvailable)
-
getOpenSslConfContext
public java.lang.Long getOpenSslConfContext()
-
setOpenSslConfContext
public void setOpenSslConfContext(java.lang.Long openSslConfContext)
-
getOpenSslContext
public java.lang.Long getOpenSslContext()
-
setOpenSslContext
public void setOpenSslContext(java.lang.Long openSslContext)
-
getConfigType
public java.lang.String getConfigType()
-
getEnabledProtocols
public java.lang.String[] getEnabledProtocols()
- Returns:
- The protocols enabled for this TLS virtual host
- See Also:
SSLUtil.getEnabledProtocols()
-
setEnabledProtocols
public void setEnabledProtocols(java.lang.String[] enabledProtocols)
-
getEnabledCiphers
public java.lang.String[] getEnabledCiphers()
- Returns:
- The ciphers enabled for this TLS virtual host
- See Also:
SSLUtil.getEnabledCiphers()
-
setEnabledCiphers
public void setEnabledCiphers(java.lang.String[] enabledCiphers)
-
getObjectName
public javax.management.ObjectName getObjectName()
-
setObjectName
public void setObjectName(javax.management.ObjectName oname)
-
addCertificate
public void addCertificate(SSLHostConfigCertificate certificate)
-
getOpenSslConf
public OpenSSLConf getOpenSslConf()
-
setOpenSslConf
public void setOpenSslConf(OpenSSLConf conf)
-
getCertificates
public java.util.Set<SSLHostConfigCertificate> getCertificates()
-
getCertificates
public java.util.Set<SSLHostConfigCertificate> getCertificates(boolean createDefaultIfEmpty)
-
getCertificateKeyPassword
public java.lang.String getCertificateKeyPassword()
-
setCertificateKeyPassword
public void setCertificateKeyPassword(java.lang.String certificateKeyPassword)
-
setCertificateRevocationListFile
public void setCertificateRevocationListFile(java.lang.String certificateRevocationListFile)
-
getCertificateRevocationListFile
public java.lang.String getCertificateRevocationListFile()
-
setCertificateVerification
public void setCertificateVerification(java.lang.String certificateVerification)
-
getCertificateVerification
public SSLHostConfig.CertificateVerification getCertificateVerification()
-
setCertificateVerificationAsString
public void setCertificateVerificationAsString(java.lang.String certificateVerification)
-
getCertificateVerificationAsString
public java.lang.String getCertificateVerificationAsString()
-
setCertificateVerificationDepth
public void setCertificateVerificationDepth(int certificateVerificationDepth)
-
getCertificateVerificationDepth
public int getCertificateVerificationDepth()
-
isCertificateVerificationDepthConfigured
public boolean isCertificateVerificationDepthConfigured()
-
setCiphers
public void setCiphers(java.lang.String ciphersList)
Set the new cipher configuration. Note: Regardless of the format used to set the configuration, it is always stored in OpenSSL format.- Parameters:
ciphersList- The new cipher configuration in OpenSSL or JSSE format
-
getCiphers
public java.lang.String getCiphers()
- Returns:
- An OpenSSL cipher string for the current configuration.
-
getCipherList
public java.util.LinkedHashSet<Cipher> getCipherList()
-
getJsseCipherNames
public java.util.List<java.lang.String> getJsseCipherNames()
Obtain the list of JSSE cipher names for the current configuration. Ciphers included in the configuration but not supported by JSSE will be excluded from this list.- Returns:
- A list of the JSSE cipher names
-
setHonorCipherOrder
public void setHonorCipherOrder(java.lang.String honorCipherOrder)
-
getHonorCipherOrder
public java.lang.String getHonorCipherOrder()
-
setHostName
public void setHostName(java.lang.String hostName)
-
getHostName
public java.lang.String getHostName()
- Returns:
- The host name associated with this SSL configuration - always in lower case.
-
setProtocols
public void setProtocols(java.lang.String input)
-
getProtocols
public java.util.Set<java.lang.String> getProtocols()
-
setSessionCacheSize
public void setSessionCacheSize(int sessionCacheSize)
-
getSessionCacheSize
public int getSessionCacheSize()
-
setSessionTimeout
public void setSessionTimeout(int sessionTimeout)
-
getSessionTimeout
public int getSessionTimeout()
-
getCertificateKeyAlias
public java.lang.String getCertificateKeyAlias()
-
setCertificateKeyAlias
public void setCertificateKeyAlias(java.lang.String certificateKeyAlias)
-
getCertificateKeystoreFile
public java.lang.String getCertificateKeystoreFile()
-
setCertificateKeystoreFile
public void setCertificateKeystoreFile(java.lang.String certificateKeystoreFile)
-
getCertificateKeystorePassword
public java.lang.String getCertificateKeystorePassword()
-
setCertificateKeystorePassword
public void setCertificateKeystorePassword(java.lang.String certificateKeystorePassword)
-
getCertificateKeystoreProvider
public java.lang.String getCertificateKeystoreProvider()
-
setCertificateKeystoreProvider
public void setCertificateKeystoreProvider(java.lang.String certificateKeystoreProvider)
-
getCertificateKeystoreType
public java.lang.String getCertificateKeystoreType()
-
setCertificateKeystoreType
public void setCertificateKeystoreType(java.lang.String certificateKeystoreType)
-
setKeyManagerAlgorithm
public void setKeyManagerAlgorithm(java.lang.String keyManagerAlgorithm)
-
getKeyManagerAlgorithm
public java.lang.String getKeyManagerAlgorithm()
-
setRevocationEnabled
public void setRevocationEnabled(boolean revocationEnabled)
-
getRevocationEnabled
public boolean getRevocationEnabled()
-
setSslProtocol
public void setSslProtocol(java.lang.String sslProtocol)
-
getSslProtocol
public java.lang.String getSslProtocol()
-
setTrustManagerClassName
public void setTrustManagerClassName(java.lang.String trustManagerClassName)
-
getTrustManagerClassName
public java.lang.String getTrustManagerClassName()
-
setTruststoreAlgorithm
public void setTruststoreAlgorithm(java.lang.String truststoreAlgorithm)
-
getTruststoreAlgorithm
public java.lang.String getTruststoreAlgorithm()
-
setTruststoreFile
public void setTruststoreFile(java.lang.String truststoreFile)
-
getTruststoreFile
public java.lang.String getTruststoreFile()
-
setTruststorePassword
public void setTruststorePassword(java.lang.String truststorePassword)
-
getTruststorePassword
public java.lang.String getTruststorePassword()
-
setTruststoreProvider
public void setTruststoreProvider(java.lang.String truststoreProvider)
-
getTruststoreProvider
public java.lang.String getTruststoreProvider()
-
setTruststoreType
public void setTruststoreType(java.lang.String truststoreType)
-
getTruststoreType
public java.lang.String getTruststoreType()
-
setTrustStore
public void setTrustStore(java.security.KeyStore truststore)
-
getTruststore
public java.security.KeyStore getTruststore() throws java.io.IOException- Throws:
java.io.IOException
-
getCertificateChainFile
public java.lang.String getCertificateChainFile()
-
setCertificateChainFile
public void setCertificateChainFile(java.lang.String certificateChainFile)
-
getCertificateFile
public java.lang.String getCertificateFile()
-
setCertificateFile
public void setCertificateFile(java.lang.String certificateFile)
-
getCertificateKeyFile
public java.lang.String getCertificateKeyFile()
-
setCertificateKeyFile
public void setCertificateKeyFile(java.lang.String certificateKeyFile)
-
setCertificateRevocationListPath
public void setCertificateRevocationListPath(java.lang.String certificateRevocationListPath)
-
getCertificateRevocationListPath
public java.lang.String getCertificateRevocationListPath()
-
setCaCertificateFile
public void setCaCertificateFile(java.lang.String caCertificateFile)
-
getCaCertificateFile
public java.lang.String getCaCertificateFile()
-
setCaCertificatePath
public void setCaCertificatePath(java.lang.String caCertificatePath)
-
getCaCertificatePath
public java.lang.String getCaCertificatePath()
-
setDisableCompression
public void setDisableCompression(boolean disableCompression)
-
getDisableCompression
public boolean getDisableCompression()
-
setDisableSessionTickets
public void setDisableSessionTickets(boolean disableSessionTickets)
-
getDisableSessionTickets
public boolean getDisableSessionTickets()
-
setInsecureRenegotiation
public void setInsecureRenegotiation(boolean insecureRenegotiation)
-
getInsecureRenegotiation
public boolean getInsecureRenegotiation()
-
adjustRelativePath
public static java.lang.String adjustRelativePath(java.lang.String path) throws java.io.FileNotFoundException- Throws:
java.io.FileNotFoundException
-
-