Package org.glassfish.grizzly.config.dom

Interface Ssl

    • Method Detail

      • getCertNickname

        String getCertNickname()
        Nickname of the server certificate in the certificate database or the PKCS#11 token. In the certificate, the name format is token name:nickname. Including the token name: part of the name in this attribute is optional.

      • setCertNickname

        void setCertNickname​(String value)

      • getClientAuthEnabled

        String getClientAuthEnabled()
        Determines whether SSL3 client authentication is performed on every request, independent of ACL-based access control.

      • setClientAuthEnabled

        void setClientAuthEnabled​(String value)

      • getClientAuth

        @Pattern(regexp="(|need|want)")
@Pattern(regexp="(|need|want)") String getClientAuth()
        Determines if if the engine will request (want) or require (need) client authentication. Valid values: want, need, or left blank

      • setClientAuth

        void setClientAuth​(String value)

      • getCrlFile

        String getCrlFile()

      • setCrlFile

        void setCrlFile​(String crlFile)

      • getKeyAlgorithm

        String getKeyAlgorithm()

      • setKeyAlgorithm

        void setKeyAlgorithm​(String algorithm)

      • getKeyStoreType

        @Pattern(regexp="(JKS|NSS)")
@Pattern(regexp="(JKS|NSS)") String getKeyStoreType()
        type of the keystore file

      • setKeyStoreType

        void setKeyStoreType​(String type)

      • getKeyStorePasswordProvider

        String getKeyStorePasswordProvider()

      • setKeyStorePasswordProvider

        void setKeyStorePasswordProvider​(String provider)

      • getKeyStorePassword

        String getKeyStorePassword()
        password of the keystore file

      • setKeyStorePassword

        void setKeyStorePassword​(String password)

      • getKeyStore

        String getKeyStore()
        Location of the keystore file

      • setKeyStore

        void setKeyStore​(String location)

      • getClassname

        String getClassname()

      • setClassname

        void setClassname​(String value)

      • getSsl2Ciphers

        @Pattern(regexp="((\\+|\\-)(rc2|rc2export|rc4|rc4export|idea|des|desede3)(\\s*,\\s*(\\+|\\-)(rc2|rc2export|rc4|rc4export|idea|des|desede3))*)*")
@Pattern(regexp="((\\+|\\-)(rc2|rc2export|rc4|rc4export|idea|des|desede3)(\\s*,\\s*(\\+|\\-)(rc2|rc2export|rc4|rc4export|idea|des|desede3))*)*") String getSsl2Ciphers()
        A comma-separated list of the SSL2 ciphers used, with the prefix + to enable or - to disable, for example +rc4. Allowed values are rc4, rc4export, rc2, rc2export, idea, des, desede3. If no value is specified, all supported ciphers are assumed to be enabled. NOT Used in PE

      • setSsl2Ciphers

        void setSsl2Ciphers​(String value)

      • getSsl2Enabled

        String getSsl2Enabled()
        Determines whether SSL2 is enabled. NOT Used in PE. SSL2 is not supported by either iiop or web-services. When this element is used as a child of the iiop-listener element then the only allowed value for this attribute is "false".

      • setSsl2Enabled

        void setSsl2Enabled​(String value)

      • getSsl3Enabled

        String getSsl3Enabled()
        Determines whether SSL3 is enabled. If both SSL2 and SSL3 are enabled for a virtual server, the server tries SSL3 encryption first. If that fails, the server tries SSL2 encryption.

      • setSsl3Enabled

        void setSsl3Enabled​(String value)

      • getSsl3TlsCiphers

        String getSsl3TlsCiphers()
        A comma-separated list of the SSL3 ciphers used, with the prefix + to enable or - to disable, for example +SSL_RSA_WITH_RC4_128_MD5. Allowed SSL3/TLS values are those that are supported by the JVM for the given security provider and security service configuration. If no value is specified, all supported ciphers are assumed to be enabled.

      • setSsl3TlsCiphers

        void setSsl3TlsCiphers​(String value)

      • getTlsEnabled

        String getTlsEnabled()
        Determines whether TLS is enabled.

      • setTlsEnabled

        void setTlsEnabled​(String value)

      • getTls11Enabled

        String getTls11Enabled()
        Determines whether TLS 1.1 is enabled.

      • setTls11Enabled

        void setTls11Enabled​(String value)

      • getTls12Enabled

        String getTls12Enabled()
        Determines whether TLS 1.2 is enabled.

      • setTls12Enabled

        void setTls12Enabled​(String value)

      • getTls13Enabled

        String getTls13Enabled()
        Determines whether TLS 1.3 is enabled.

      • setTls13Enabled

        void setTls13Enabled​(String value)

      • getTlsRollbackEnabled

        String getTlsRollbackEnabled()
        Determines whether TLS rollback is enabled. TLS rollback should be enabled for Microsoft Internet Explorer 5.0 and 5.5. NOT Used in PE

      • setTlsRollbackEnabled

        void setTlsRollbackEnabled​(String value)

      • getHstsEnabled

        String getHstsEnabled()
        Determines whether Strict Transport Security is set

      • setHstsEnabled

        void setHstsEnabled​(String value)

      • getHstsSubdomains

        String getHstsSubdomains()

      • setHstsSubdomains

        void setHstsSubdomains()

      • getHstsPreload

        String getHstsPreload()

      • setHstsPreload

        void setHstsPreload​(String value)

      • getTrustAlgorithm

        String getTrustAlgorithm()

      • setTrustAlgorithm

        void setTrustAlgorithm​(String algorithm)

      • getTrustMaxCertLength

        String getTrustMaxCertLength()

      • setTrustMaxCertLength

        void setTrustMaxCertLength​(String maxLength)

      • getTrustStore

        String getTrustStore()

      • setTrustStore

        void setTrustStore​(String location)

      • getTrustStoreType

        @Pattern(regexp="(JKS|NSS)")
@Pattern(regexp="(JKS|NSS)") String getTrustStoreType()
        type of the truststore file

      • setTrustStoreType

        void setTrustStoreType​(String type)

      • getTrustStorePasswordProvider

        String getTrustStorePasswordProvider()

      • setTrustStorePasswordProvider

        void setTrustStorePasswordProvider​(String provider)

      • getTrustStorePassword

        String getTrustStorePassword()
        password of the truststore file

      • setTrustStorePassword

        void setTrustStorePassword​(String password)

      • getAllowLazyInit

        String getAllowLazyInit()
        Does SSL configuration allow implementation to initialize it lazily way

      • setAllowLazyInit

        void setAllowLazyInit​(String value)

      • getSSLInactivityTimeout

        String getSSLInactivityTimeout()
        Returns:
        the timeout within which there must be activity from the client. Defaults to 30 seconds.

      • setSSLInactivityTimeout

        void setSSLInactivityTimeout​(int handshakeTimeout)

      • getSniEnabled

        String getSniEnabled()
        Returns:
        whether SNI support is enabled defaults to false

      • setSniEnabled

        void setSniEnabled​(String value)

      • getRenegotiateOnClientAuthWant

        String getRenegotiateOnClientAuthWant()

        Determines whether or not ssl session renegotiation will occur if client-auth is set to want. This may be set to false under the assumption that if a certificate wasn't available during the initial handshake, it won't be available during a renegotiation.

        This configuration option defaults to true.

        Returns:
        true if ssl session renegotiation will occur if client-auth is want.
        Since:
        2.1.2

      • setRenegotiateOnClientAuthWant

        void setRenegotiateOnClientAuthWant​(boolean renegotiateClientAuthWant)
        Since:
        2.1.2

      • getHandshakeTimeoutMillis

        String getHandshakeTimeoutMillis()
        Handshake mode

      • setHandshakeTimeoutMillis

        void setHandshakeTimeoutMillis​(String timeoutMillis)

      • getTlsSessionTimeout

        String getTlsSessionTimeout()
        How long before TLS sessions expire from the cache
        Returns:

      • setTlsSessionTimeout

        void setTlsSessionTimeout​(String timeout)

      • getTlsSessionCacheSize

        String getTlsSessionCacheSize()
        How large the TLS session cache can get
        Returns:

      • setTlsSessionCacheSize

        void setTlsSessionCacheSize​(String size)