- java.lang.Object
-
- javax.net.ssl.SSLParameters
-
public class SSLParameters extends Object
Encapsulates parameters for an SSL/TLS connection. The parameters are the list of ciphersuites to be accepted in an SSL/TLS handshake, the list of protocols to be allowed, the endpoint identification algorithm during SSL/TLS handshaking, the algorithm constraints and whether SSL/TLS servers should request or require client authentication.SSLParameters can be created via the constructors in this class. Objects can also be obtained using the
getSSLParameters()methods inSSLSocketandSSLServerSocketandSSLEngineor thegetDefaultSSLParameters()andgetSupportedSSLParameters()methods inSSLContext.SSLParameters can be applied to a connection via the methods
SSLSocket.setSSLParameters()andSSLServerSocket.setSSLParameters()andSSLEngine.getSSLParameters().- Since:
- 1.6
- See Also:
SSLSocket,SSLEngine,SSLContext
-
-
Constructor Summary
Constructors Constructor and Description SSLParameters()Constructs SSLParameters.SSLParameters(String[] cipherSuites)Constructs SSLParameters from the specified array of ciphersuites.SSLParameters(String[] cipherSuites, String[] protocols)Constructs SSLParameters from the specified array of ciphersuites and protocols.
-
Method Summary
Methods Modifier and Type Method and Description AlgorithmConstraintsgetAlgorithmConstraints()Returns the cryptographic algorithm constraints.String[]getCipherSuites()Returns a copy of the array of ciphersuites or null if none have been set.StringgetEndpointIdentificationAlgorithm()Gets the endpoint identification algorithm.booleangetNeedClientAuth()Returns whether client authentication should be required.String[]getProtocols()Returns a copy of the array of protocols or null if none have been set.booleangetWantClientAuth()Returns whether client authentication should be requested.voidsetAlgorithmConstraints(AlgorithmConstraints constraints)Sets the cryptographic algorithm constraints, which will be used in addition to any configured by the runtime environment.voidsetCipherSuites(String[] cipherSuites)Sets the array of ciphersuites.voidsetEndpointIdentificationAlgorithm(String algorithm)Sets the endpoint identification algorithm.voidsetNeedClientAuth(boolean needClientAuth)Sets whether client authentication should be required.voidsetProtocols(String[] protocols)Sets the array of protocols.voidsetWantClientAuth(boolean wantClientAuth)Sets whether client authentication should be requested.
-
-
-
Constructor Detail
-
SSLParameters
public SSLParameters()
Constructs SSLParameters.The cipherSuites and protocols values are set to
null, wantClientAuth and needClientAuth are set tofalse.
-
SSLParameters
public SSLParameters(String[] cipherSuites)
Constructs SSLParameters from the specified array of ciphersuites.Calling this constructor is equivalent to calling the no-args constructor followed by
setCipherSuites(cipherSuites);.- Parameters:
cipherSuites- the array of ciphersuites (or null)
-
SSLParameters
public SSLParameters(String[] cipherSuites, String[] protocols)
Constructs SSLParameters from the specified array of ciphersuites and protocols.Calling this constructor is equivalent to calling the no-args constructor followed by
setCipherSuites(cipherSuites); setProtocols(protocols);.- Parameters:
cipherSuites- the array of ciphersuites (or null)protocols- the array of protocols (or null)
-
-
Method Detail
-
getCipherSuites
public String[] getCipherSuites()
Returns a copy of the array of ciphersuites or null if none have been set.- Returns:
- a copy of the array of ciphersuites or null if none have been set.
-
setCipherSuites
public void setCipherSuites(String[] cipherSuites)
Sets the array of ciphersuites.- Parameters:
cipherSuites- the array of ciphersuites (or null)
-
getProtocols
public String[] getProtocols()
Returns a copy of the array of protocols or null if none have been set.- Returns:
- a copy of the array of protocols or null if none have been set.
-
setProtocols
public void setProtocols(String[] protocols)
Sets the array of protocols.- Parameters:
protocols- the array of protocols (or null)
-
getWantClientAuth
public boolean getWantClientAuth()
Returns whether client authentication should be requested.- Returns:
- whether client authentication should be requested.
-
setWantClientAuth
public void setWantClientAuth(boolean wantClientAuth)
Sets whether client authentication should be requested. Calling this method clears theneedClientAuthflag.- Parameters:
wantClientAuth- whether client authentication should be requested
-
getNeedClientAuth
public boolean getNeedClientAuth()
Returns whether client authentication should be required.- Returns:
- whether client authentication should be required.
-
setNeedClientAuth
public void setNeedClientAuth(boolean needClientAuth)
Sets whether client authentication should be required. Calling this method clears thewantClientAuthflag.- Parameters:
needClientAuth- whether client authentication should be required
-
getAlgorithmConstraints
public AlgorithmConstraints getAlgorithmConstraints()
Returns the cryptographic algorithm constraints.- Returns:
- the cryptographic algorithm constraints, or null if the constraints have not been set
- Since:
- 1.7
- See Also:
setAlgorithmConstraints(AlgorithmConstraints)
-
setAlgorithmConstraints
public void setAlgorithmConstraints(AlgorithmConstraints constraints)
Sets the cryptographic algorithm constraints, which will be used in addition to any configured by the runtime environment.If the
constraintsparameter is non-null, every cryptographic algorithm, key and algorithm parameters used in the SSL/TLS handshake must be permitted by the constraints.- Parameters:
constraints- the algorithm constraints (or null)- Since:
- 1.7
-
getEndpointIdentificationAlgorithm
public String getEndpointIdentificationAlgorithm()
Gets the endpoint identification algorithm.- Returns:
- the endpoint identification algorithm, or null if none has been set.
- Since:
- 1.7
- See Also:
X509ExtendedTrustManager,setEndpointIdentificationAlgorithm(String)
-
setEndpointIdentificationAlgorithm
public void setEndpointIdentificationAlgorithm(String algorithm)
Sets the endpoint identification algorithm.If the
algorithmparameter is non-null or non-empty, the endpoint identification/verification procedures must be handled during SSL/TLS handshaking. This is to prevent man-in-the-middle attacks.- Parameters:
algorithm- The standard string name of the endpoint identification algorithm (or null). See Appendix A in the Java Cryptography Architecture API Specification & Reference for information about standard algorithm names.- Since:
- 1.7
- See Also:
X509ExtendedTrustManager
-
-
Traduction non disponible
Les API Java ne sont pas encore traduites en français sur l'infobrol. Seule la version anglaise est disponible pour l'instant.
Document créé le 11/06/2005, dernière modification le 04/03/2020
Source du document imprimé : https://www.gaudry.be/java-api-rf-javax/net/ssl/SSLParameters.html
L'infobrol est un site personnel dont le contenu n'engage que moi. Le texte est mis à disposition sous licence CreativeCommons(BY-NC-SA). Plus d'info sur les conditions d'utilisation et sur l'auteur.
Références
Ces références et liens indiquent des documents consultés lors de la rédaction de cette page, ou qui peuvent apporter un complément d'information, mais les auteurs de ces sources ne peuvent être tenus responsables du contenu de cette page.
L'auteur de ce site est seul responsable de la manière dont sont présentés ici les différents concepts, et des libertés qui sont prises avec les ouvrages de référence. N'oubliez pas que vous devez croiser les informations de sources multiples afin de diminuer les risques d'erreurs.
