Package org.apache.tomcat.util.net

Interface SSLUtil

  • All Known Implementing Classes:
    JSSEUtil, OpenSSLUtil, SSLUtilBase
    public interface SSLUtil
    Provides a common interface for SSLImplementations to create the necessary JSSE implementation objects for TLS connections created via the JSSE API.

    • Nested Class Summary

      Nested Classes 
      Modifier and Type Interface Description
      static interface  SSLUtil.ProtocolInfo
      Optional interface that can be implemented by SSLEngines to indicate that they support ALPN and can provide the protocol agreed with the client.

    • Method Detail

      • createSSLContext

        static SSLContext createSSLContext​(javax.net.ssl.SSLContext sslContext,
                                   javax.net.ssl.X509KeyManager keyManager,
                                   javax.net.ssl.X509TrustManager trustManager)
        Creates an instance of Tomcat's SSLContext from the provided inputs. Typically used when the user wants to provide a pre-configured javax.net.ssl.SSLContext instance. There is no need to call SSLContext.init(KeyManager[], TrustManager[], java.security.SecureRandom) on the returned value.
        Parameters:
        sslContext - The JSSE SSL context
        keyManager - The JSSE key manager
        trustManager - The JSSE trust manager
        Returns:
        An instance of Tomcat's SSLContext formed from the provided inputs.

      • createSSLContext

        SSLContext createSSLContext​(java.util.List<java.lang.String> negotiableProtocols)
                     throws java.lang.Exception
        Throws:
        java.lang.Exception

      • getKeyManagers

        javax.net.ssl.KeyManager[] getKeyManagers()
                                   throws java.lang.Exception
        Throws:
        java.lang.Exception

      • getTrustManagers

        javax.net.ssl.TrustManager[] getTrustManagers()
                                       throws java.lang.Exception
        Throws:
        java.lang.Exception

      • configureSessionContext

        void configureSessionContext​(javax.net.ssl.SSLSessionContext sslSessionContext)

      • getEnabledProtocols

        java.lang.String[] getEnabledProtocols()
                                throws java.lang.IllegalArgumentException
        The set of enabled protocols is the intersection of the implemented protocols and the configured protocols. If no protocols are explicitly configured, then all of the implemented protocols will be included in the returned array.
        Returns:
        The protocols currently enabled and available for clients to select from for the associated connection
        Throws:
        java.lang.IllegalArgumentException - If there is no intersection between the implemented and configured protocols

      • getEnabledCiphers

        java.lang.String[] getEnabledCiphers()
                              throws java.lang.IllegalArgumentException
        The set of enabled ciphers is the intersection of the implemented ciphers and the configured ciphers. If no ciphers are explicitly configured, then the default ciphers will be included in the returned array.

        The ciphers used during the TLS handshake may be further restricted by the getEnabledProtocols() and the certificates.

        Returns:
        The ciphers currently enabled and available for clients to select from for the associated connection
        Throws:
        java.lang.IllegalArgumentException - If there is no intersection between the implemented and configured ciphers