Class OpenSslServerContext

java.lang.Object
org.jboss.netty.handler.ssl.SslContext
org.jboss.netty.handler.ssl.OpenSslServerContext
public final class OpenSslServerContext extends SslContext
A server-side SslContext which uses OpenSSL's SSL/TLS implementation.

  • Field Details

    • logger

      private static final InternalLogger logger

    • DEFAULT_CIPHERS

      private static final List<String> DEFAULT_CIPHERS

    • aprPool

      private final long aprPool

    • ciphers

      private final List<String> ciphers

    • unmodifiableCiphers

      private final List<String> unmodifiableCiphers

    • sessionCacheSize

      private final long sessionCacheSize

    • sessionTimeout

      private final long sessionTimeout

    • nextProtocols

      private final List<String> nextProtocols

    • ctx

      private final long ctx
      The OpenSSL SSL_CTX object

    • stats

      private final OpenSslSessionStats stats

  • Constructor Details

    • OpenSslServerContext

      public OpenSslServerContext(File certChainFile, File keyFile) throws SSLException
      Creates a new instance.
      Parameters:
      certChainFile - an X.509 certificate chain file in PEM format
      keyFile - a PKCS#8 private key file in PEM format
      Throws:
      SSLException

    • OpenSslServerContext

      public OpenSslServerContext(File certChainFile, File keyFile, String keyPassword) throws SSLException
      Creates a new instance.
      Parameters:
      certChainFile - an X.509 certificate chain file in PEM format
      keyFile - a PKCS#8 private key file in PEM format
      keyPassword - the password of the keyFile. null if it's not password-protected.
      Throws:
      SSLException

    • OpenSslServerContext

      public OpenSslServerContext(SslBufferPool bufPool, File certChainFile, File keyFile, String keyPassword, Iterable<String> ciphers, Iterable<String> nextProtocols, long sessionCacheSize, long sessionTimeout) throws SSLException
      Creates a new instance.
      Parameters:
      bufPool - the buffer pool which will be used by this context. null to use the default buffer pool.
      certChainFile - an X.509 certificate chain file in PEM format
      keyFile - a PKCS#8 private key file in PEM format
      keyPassword - the password of the keyFile. null if it's not password-protected.
      ciphers - the cipher suites to enable, in the order of preference. null to use the default cipher suites.
      nextProtocols - the application layer protocols to accept, in the order of preference. null to disable TLS NPN/ALPN extension.
      sessionCacheSize - the size of the cache used for storing SSL session objects. 0 to use the default value.
      sessionTimeout - the timeout for the cached SSL session objects, in seconds. 0 to use the default value.
      Throws:
      SSLException

  • Method Details

    • newBufferPool

      SslBufferPool newBufferPool()
      Overrides:
      newBufferPool in class SslContext

    • isClient

      public boolean isClient()
      Description copied from class: SslContext
      Returns the true if and only if this context is for client-side.
      Specified by:
      isClient in class SslContext

    • cipherSuites

      public List<String> cipherSuites()
      Description copied from class: SslContext
      Returns the list of enabled cipher suites, in the order of preference.
      Specified by:
      cipherSuites in class SslContext

    • sessionCacheSize

      public long sessionCacheSize()
      Description copied from class: SslContext
      Returns the size of the cache used for storing SSL session objects.
      Specified by:
      sessionCacheSize in class SslContext

    • sessionTimeout

      public long sessionTimeout()
      Description copied from class: SslContext
      Returns the timeout for the cached SSL session objects, in seconds.
      Specified by:
      sessionTimeout in class SslContext

    • nextProtocols

      public List<String> nextProtocols()
      Description copied from class: SslContext
      Returns the list of application layer protocols for the TLS NPN/ALPN extension, in the order of preference.
      Specified by:
      nextProtocols in class SslContext
      Returns:
      the list of application layer protocols. null if NPN/ALPN extension has been disabled.

    • context

      public long context()
      Returns the SSL_CTX object of this context.

    • stats

      public OpenSslSessionStats stats()
      Returns the stats of this context.

    • newEngine

      public SSLEngine newEngine()
      Returns a new server-side SSLEngine with the current configuration.
      Specified by:
      newEngine in class SslContext
      Returns:
      a new SSLEngine

    • newEngine

      public SSLEngine newEngine(String peerHost, int peerPort)
      Description copied from class: SslContext
      Creates a new SSLEngine using advisory peer information.
      Specified by:
      newEngine in class SslContext
      Parameters:
      peerHost - the non-authoritative name of the host
      peerPort - the non-authoritative port
      Returns:
      a new SSLEngine

    • setTicketKeys

      public void setTicketKeys(byte[] keys)
      Sets the SSL session ticket keys of this context.

    • finalize

      protected void finalize() throws Throwable
      Overrides:
      finalize in class Object
      Throws:
      Throwable

    • destroyPools

      private void destroyPools()