Class SSLHostConfig

java.lang.Object
org.apache.tomcat.util.net.SSLHostConfig
All Implemented Interfaces:
Serializable

public class SSLHostConfig extends Object implements Serializable
Represents the TLS configuration for a virtual host.
See Also:
  • Field Details

  • Constructor Details

    • SSLHostConfig

      public SSLHostConfig()
  • Method Details

    • isTls13RenegotiationAvailable

      public boolean isTls13RenegotiationAvailable()
    • setTls13RenegotiationAvailable

      public void setTls13RenegotiationAvailable(boolean tls13RenegotiationAvailable)
    • getOpenSslConfContext

      public Long getOpenSslConfContext()
    • setOpenSslConfContext

      public void setOpenSslConfContext(Long openSslConfContext)
    • getOpenSslContext

      public Long getOpenSslContext()
    • setOpenSslContext

      public void setOpenSslContext(Long openSslContext)
    • getConfigType

      public String getConfigType()
    • getEnabledProtocols

      public String[] getEnabledProtocols()
      Returns:
      The protocols enabled for this TLS virtual host
      See Also:
    • setEnabledProtocols

      public void setEnabledProtocols(String[] enabledProtocols)
    • getEnabledCiphers

      public String[] getEnabledCiphers()
      Returns:
      The ciphers enabled for this TLS virtual host
      See Also:
    • setEnabledCiphers

      public void setEnabledCiphers(String[] enabledCiphers)
    • getObjectName

      public ObjectName getObjectName()
    • setObjectName

      public void setObjectName(ObjectName oname)
    • addCertificate

      public void addCertificate(SSLHostConfigCertificate certificate)
    • getOpenSslConf

      public OpenSSLConf getOpenSslConf()
    • setOpenSslConf

      public void setOpenSslConf(OpenSSLConf conf)
    • getCertificates

      public Set<SSLHostConfigCertificate> getCertificates()
    • getCertificates

      public Set<SSLHostConfigCertificate> getCertificates(boolean createDefaultIfEmpty)
    • getCertificateKeyPassword

      @Deprecated public String getCertificateKeyPassword()
      Deprecated.
      Obtain the prefered Certificate and call this method, there.
      Returns:
      The default certificate key password.
    • setCertificateKeyPassword

      @Deprecated public void setCertificateKeyPassword(String certificateKeyPassword)
      Deprecated.
      Obtain the prefered Certificate and call this method, there.
      Parameters:
      certificateKeyPassword - The password for the default certificate's key.
    • getCertificateKeyPasswordFile

      @Deprecated public String getCertificateKeyPasswordFile()
      Deprecated.
      Obtain the prefered Certificate and call this method, there.
      Returns:
      The password for the default certificate's key.
    • setCertificateKeyPasswordFile

      @Deprecated public void setCertificateKeyPasswordFile(String certificateKeyPasswordFile)
      Deprecated.
      Obtain the prefered Certificate and call this method, there.
      Parameters:
      certificateKeyPasswordFile - The file containing the password for the default certificate's key.
    • setCertificateRevocationListFile

      public void setCertificateRevocationListFile(String certificateRevocationListFile)
    • getCertificateRevocationListFile

      public String getCertificateRevocationListFile()
    • setCertificateVerification

      public void setCertificateVerification(String certificateVerification)
    • getCertificateVerification

      public SSLHostConfig.CertificateVerification getCertificateVerification()
    • setCertificateVerificationAsString

      public void setCertificateVerificationAsString(String certificateVerification)
    • getCertificateVerificationAsString

      public String getCertificateVerificationAsString()
    • setCertificateVerificationDepth

      public void setCertificateVerificationDepth(int certificateVerificationDepth)
    • getCertificateVerificationDepth

      public int getCertificateVerificationDepth()
    • isCertificateVerificationDepthConfigured

      public boolean isCertificateVerificationDepthConfigured()
    • setCiphers

      public void setCiphers(String ciphersList)
      Set the new cipher configuration. Note: Regardless of the format used to set the configuration, it is always stored in OpenSSL format.
      Parameters:
      ciphersList - The new cipher configuration in OpenSSL or JSSE format
    • getCiphers

      public String getCiphers()
      Returns:
      An OpenSSL cipher string for the current configuration.
    • getCipherList

      public LinkedHashSet<Cipher> getCipherList()
    • getJsseCipherNames

      public List<String> getJsseCipherNames()
      Obtain the list of JSSE cipher names for the current configuration. Ciphers included in the configuration but not supported by JSSE will be excluded from this list.
      Returns:
      A list of the JSSE cipher names
    • setHonorCipherOrder

      public void setHonorCipherOrder(boolean honorCipherOrder)
    • getHonorCipherOrder

      public boolean getHonorCipherOrder()
    • setHostName

      public void setHostName(String hostName)
    • getHostName

      public String getHostName()
      Returns:
      The host name associated with this SSL configuration - always in lower case.
    • setProtocols

      public void setProtocols(String input)
    • getProtocols

      public Set<String> getProtocols()
    • setSessionCacheSize

      public void setSessionCacheSize(int sessionCacheSize)
    • getSessionCacheSize

      public int getSessionCacheSize()
    • setSessionTimeout

      public void setSessionTimeout(int sessionTimeout)
    • getSessionTimeout

      public int getSessionTimeout()
    • getCertificateKeyAlias

      @Deprecated public String getCertificateKeyAlias()
      Deprecated.
      Obtain the prefered Certificate and call this method, there.
      Returns:
      The key alias for the default certificate key.
    • setCertificateKeyAlias

      @Deprecated public void setCertificateKeyAlias(String certificateKeyAlias)
      Deprecated.
      Obtain the prefered Certificate and call this method, there.
      Parameters:
      certificateKeyAlias - The alias of the certificate key.
    • getCertificateKeystoreFile

      @Deprecated public String getCertificateKeystoreFile()
      Deprecated.
      Obtain the prefered Certificate and call this method, there.
      Returns:
      The keystore file for the default certificate.
    • setCertificateKeystoreFile

      @Deprecated public void setCertificateKeystoreFile(String certificateKeystoreFile)
      Deprecated.
      Obtain the prefered Certificate and call this method, there.
      Parameters:
      certificateKeystoreFile - The file containing the certificate keystore.
    • getCertificateKeystorePassword

      @Deprecated public String getCertificateKeystorePassword()
      Deprecated.
      Obtain the prefered Certificate and call this method, there.
      Returns:
      The password for the default certificate's keystore.
    • setCertificateKeystorePassword

      @Deprecated public void setCertificateKeystorePassword(String certificateKeystorePassword)
      Deprecated.
      Obtain the prefered Certificate and call this method, there.
      Parameters:
      certificateKeystorePassword - The password for the certificate keystore.
    • getCertificateKeystorePasswordFile

      @Deprecated public String getCertificateKeystorePasswordFile()
      Deprecated.
      Obtain the prefered Certificate and call this method, there.
      Returns:
      The file containing the default certificate's keystore password.
    • setCertificateKeystorePasswordFile

      @Deprecated public void setCertificateKeystorePasswordFile(String certificateKeystorePasswordFile)
      Deprecated.
      Obtain the prefered Certificate and call this method, there.
      Parameters:
      certificateKeystorePasswordFile - The file containing the default certificate's keystore password.
    • getCertificateKeystoreProvider

      @Deprecated public String getCertificateKeystoreProvider()
      Deprecated.
      Obtain the prefered Certificate and call this method, there.
      Returns:
      The provider for the default certificate's keystore.
    • setCertificateKeystoreProvider

      @Deprecated public void setCertificateKeystoreProvider(String certificateKeystoreProvider)
      Deprecated.
      Obtain the prefered Certificate and call this method, there.
      Parameters:
      certificateKeystoreProvider - The provider for the default certificate's keystore.
    • getCertificateKeystoreType

      @Deprecated public String getCertificateKeystoreType()
      Deprecated.
      Obtain the prefered Certificate and call this method, there.
      Returns:
      The type of the default certificate's keystore.
    • setCertificateKeystoreType

      @Deprecated public void setCertificateKeystoreType(String certificateKeystoreType)
      Deprecated.
      Obtain the prefered Certificate and call this method, there.
      Parameters:
      certificateKeystoreType - The type of the default certificate's keystore.
    • setKeyManagerAlgorithm

      public void setKeyManagerAlgorithm(String keyManagerAlgorithm)
    • getKeyManagerAlgorithm

      public String getKeyManagerAlgorithm()
    • setRevocationEnabled

      public void setRevocationEnabled(boolean revocationEnabled)
    • getRevocationEnabled

      public boolean getRevocationEnabled()
    • setSslProtocol

      public void setSslProtocol(String sslProtocol)
    • getSslProtocol

      public String getSslProtocol()
    • setTrustManagerClassName

      public void setTrustManagerClassName(String trustManagerClassName)
    • getTrustManagerClassName

      public String getTrustManagerClassName()
    • setTruststoreAlgorithm

      public void setTruststoreAlgorithm(String truststoreAlgorithm)
    • getTruststoreAlgorithm

      public String getTruststoreAlgorithm()
    • setTruststoreFile

      public void setTruststoreFile(String truststoreFile)
    • getTruststoreFile

      public String getTruststoreFile()
    • setTruststorePassword

      public void setTruststorePassword(String truststorePassword)
    • getTruststorePassword

      public String getTruststorePassword()
    • setTruststoreProvider

      public void setTruststoreProvider(String truststoreProvider)
    • getTruststoreProvider

      public String getTruststoreProvider()
    • setTruststoreType

      public void setTruststoreType(String truststoreType)
    • getTruststoreType

      public String getTruststoreType()
    • setTrustStore

      public void setTrustStore(KeyStore truststore)
    • getTruststore

      public KeyStore getTruststore() throws IOException
      Throws:
      IOException
    • getCertificateChainFile

      public String getCertificateChainFile()
    • setCertificateChainFile

      public void setCertificateChainFile(String certificateChainFile)
    • getCertificateFile

      public String getCertificateFile()
    • setCertificateFile

      public void setCertificateFile(String certificateFile)
    • getCertificateKeyFile

      public String getCertificateKeyFile()
    • setCertificateKeyFile

      public void setCertificateKeyFile(String certificateKeyFile)
    • setCertificateRevocationListPath

      public void setCertificateRevocationListPath(String certificateRevocationListPath)
    • getCertificateRevocationListPath

      public String getCertificateRevocationListPath()
    • setCaCertificateFile

      public void setCaCertificateFile(String caCertificateFile)
    • getCaCertificateFile

      public String getCaCertificateFile()
    • setCaCertificatePath

      public void setCaCertificatePath(String caCertificatePath)
    • getCaCertificatePath

      public String getCaCertificatePath()
    • setDisableCompression

      public void setDisableCompression(boolean disableCompression)
    • getDisableCompression

      public boolean getDisableCompression()
    • setDisableSessionTickets

      public void setDisableSessionTickets(boolean disableSessionTickets)
    • getDisableSessionTickets

      public boolean getDisableSessionTickets()
    • setInsecureRenegotiation

      public void setInsecureRenegotiation(boolean insecureRenegotiation)
    • getInsecureRenegotiation

      public boolean getInsecureRenegotiation()
    • certificatesExpiringBefore

      public Set<X509Certificate> certificatesExpiringBefore(Date date)
    • adjustRelativePath

      public static String adjustRelativePath(String path) throws FileNotFoundException
      Throws:
      FileNotFoundException