Modifier and Type | Field and Description |
---|---|
static List<String> |
DEFAULT_ENABLED_SECURE_TRANSPORT_PROTOCOLS
The default ENABLED_SECURE_TRANSPORT_PROTOCOLS value = { "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3" }
SSLv3 is NOT enabled due to POODLE vulnerability http://en.wikipedia.org/wiki/POODLE
"SSLv2Hello" is NOT enabled since it's disabled by default since JDK7
|
static long |
DEFAULT_SSL_HANDSHAKE_TIMEOUT
The default value of SSL handshake timeout = 10
|
static TimeUnit |
DEFAULT_SSL_HANDSHAKE_TIMEOUT_TIME_UNIT
Default SSL handshake time unit = SECONDS
|
static boolean |
DEFAULT_USE_ALPN
Default use alpn = false
|
Constructor and Description |
---|
SSLOptions()
Default constructor
|
SSLOptions(JsonObject json)
Create options from JSON
|
SSLOptions(SSLOptions other)
Copy constructor
|
Modifier and Type | Method and Description |
---|---|
SSLOptions |
addCrlPath(String crlPath)
Add a CRL path
|
SSLOptions |
addCrlValue(Buffer crlValue)
Add a CRL value
|
SSLOptions |
addEnabledCipherSuite(String suite)
Add an enabled cipher suite, appended to the ordered suites.
|
SSLOptions |
addEnabledSecureTransportProtocol(String protocol)
Add an enabled SSL/TLS protocols, appended to the ordered protocols.
|
List<String> |
getCrlPaths() |
List<Buffer> |
getCrlValues()
Get the CRL values
|
Set<String> |
getEnabledCipherSuites()
Return an ordered set of the cipher suites.
|
Set<String> |
getEnabledSecureTransportProtocols()
Returns the enabled SSL/TLS protocols
|
KeyCertOptions |
getKeyCertOptions() |
long |
getSslHandshakeTimeout() |
TimeUnit |
getSslHandshakeTimeoutUnit() |
TrustOptions |
getTrustOptions() |
boolean |
isUseAlpn() |
SSLOptions |
removeEnabledCipherSuite(String suite)
Removes an enabled cipher suite from the ordered suites.
|
SSLOptions |
removeEnabledSecureTransportProtocol(String protocol)
Removes an enabled SSL/TLS protocol from the ordered protocols.
|
SSLOptions |
setEnabledSecureTransportProtocols(Set<String> enabledSecureTransportProtocols)
Sets the list of enabled SSL/TLS protocols.
|
SSLOptions |
setKeyCertOptions(KeyCertOptions options)
Set the key/cert options.
|
SSLOptions |
setSslHandshakeTimeout(long sslHandshakeTimeout)
Set the SSL handshake timeout, default time unit is seconds.
|
SSLOptions |
setSslHandshakeTimeoutUnit(TimeUnit sslHandshakeTimeoutUnit)
Set the SSL handshake timeout unit.
|
SSLOptions |
setTrustOptions(TrustOptions options)
Set the trust options.
|
SSLOptions |
setUseAlpn(boolean useAlpn)
Set the ALPN usage.
|
JsonObject |
toJson()
Convert to JSON
|
public static final boolean DEFAULT_USE_ALPN
public static final long DEFAULT_SSL_HANDSHAKE_TIMEOUT
public static final TimeUnit DEFAULT_SSL_HANDSHAKE_TIMEOUT_TIME_UNIT
public static final List<String> DEFAULT_ENABLED_SECURE_TRANSPORT_PROTOCOLS
public SSLOptions(JsonObject json)
json
- the JSONpublic SSLOptions()
public SSLOptions(SSLOptions other)
other
- the options to copypublic KeyCertOptions getKeyCertOptions()
public SSLOptions setKeyCertOptions(KeyCertOptions options)
options
- the key store optionspublic TrustOptions getTrustOptions()
public SSLOptions setTrustOptions(TrustOptions options)
options
- the trust optionspublic SSLOptions addEnabledCipherSuite(String suite)
suite
- the suitegetEnabledCipherSuites()
public SSLOptions removeEnabledCipherSuite(String suite)
suite
- the suitepublic Set<String> getEnabledCipherSuites()
The set is initially empty and suite should be added to this set in the desired order.
When suites are added and therefore the list is not empty, it takes precedence over the
default suite defined by the SSLEngineOptions
in use.
public SSLOptions addCrlPath(String crlPath) throws NullPointerException
crlPath
- the pathNullPointerException
public SSLOptions addCrlValue(Buffer crlValue) throws NullPointerException
crlValue
- the valueNullPointerException
public boolean isUseAlpn()
public SSLOptions setUseAlpn(boolean useAlpn)
useAlpn
- true when Application-Layer Protocol Negotiation should be usedpublic Set<String> getEnabledSecureTransportProtocols()
public long getSslHandshakeTimeout()
getSslHandshakeTimeoutUnit()
.public SSLOptions setSslHandshakeTimeout(long sslHandshakeTimeout)
sslHandshakeTimeout
- the SSL handshake timeout to set, in millisecondspublic SSLOptions setSslHandshakeTimeoutUnit(TimeUnit sslHandshakeTimeoutUnit)
sslHandshakeTimeoutUnit
- specify time unit.public TimeUnit getSslHandshakeTimeoutUnit()
public SSLOptions setEnabledSecureTransportProtocols(Set<String> enabledSecureTransportProtocols)
enabledSecureTransportProtocols
- the SSL/TLS protocols to enablepublic SSLOptions addEnabledSecureTransportProtocol(String protocol)
protocol
- the SSL/TLS protocol to enablepublic SSLOptions removeEnabledSecureTransportProtocol(String protocol)
protocol
- the SSL/TLS protocol to disablepublic JsonObject toJson()
Copyright © 2023 Eclipse. All rights reserved.