Class SSLParams
- java.lang.Object
-
- org.glassfish.admin.mbeanserver.ssl.SSLParams
-
public class SSLParams extends Object
This class is a config holder for configuring SSL Sockets. It comes with set of defaults as defined below TrustAlgorithm = SunX509 keystore type = JKS truststore type = JKS protocol = TLS tls Enabled= true It also picks up the value of keystore, keystore password, truststore , trustore password from system properties. Usage : This class can be used in any enviroment , where one wants to pass in SSL defaults programatically as well as use a default set of configuration without setting in values explicitly.- Author:
- [email protected]
-
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description String
getCertNickname()
String
getClientAuth()
Determines if if the engine will request (want) or require (need) client authentication.String
getClientAuthEnabled()
Determines whether client authentication is performed on every request, independent of ACL-based access control.String
getCrlFile()
String[]
getEnabledCiphers()
String[]
getEnabledProtocols()
Boolean
getHstsEnabled()
Determines whether Strict Transport Security is setBoolean
getHstsPreload()
Boolean
getHstsSubDomains()
String
getKeyAlgorithm()
File
getKeyStore()
String
getKeyStorePassword()
String
getKeyStoreType()
type of the keystore fileString
getProtocol()
String
getSsl3TlsCiphers()
A comma-separated list of the SSL3 ciphers used, with the prefix + to enable or - to disable, for example +SSL_RSA_WITH_RC4_128_MD5.Boolean
getTlsRollbackEnabled()
Determines whether TLS rollback is enabled.String
getTrustAlgorithm()
File
getTrustStore()
String
getTrustStorePassword()
String
getTrustStoreType()
void
setCertNickname(String certNickname)
void
setClientAuth(String clientAuth)
void
setClientAuthEnabled(String clientAuthEnabled)
void
setCrlFile(String crlFile)
void
setEnabledCiphers(String[] enabledCiphers)
void
setEnabledProtocols(String[] enabledProtocols)
void
setHstsEnabled(String hstsEnabled)
void
setHstsPreload(Boolean hstsPreload)
void
setHstsSubDomains(Boolean hstsSubDomains)
void
setKeyAlgorithm(String algorithm)
void
setKeyStore(String location)
void
setKeyStorePassword(String password)
void
setKeyStoreType(String type)
void
setProtocol(String protocol)
void
setSsl3TlsCiphers(String ssl3TlsCiphers)
void
setTlsRollbackEnabled(String tlsRollBackEnabled)
void
setTrustAlgorithm(String algorithm)
void
setTrustMaxCertLength(String maxLength)
-
-
-
Method Detail
-
getTrustStore
public File getTrustStore()
-
getTrustStorePassword
public String getTrustStorePassword()
-
getTrustStoreType
public String getTrustStoreType()
-
getTrustAlgorithm
public String getTrustAlgorithm()
-
setTrustAlgorithm
public void setTrustAlgorithm(String algorithm)
-
getEnabledCiphers
public String[] getEnabledCiphers()
-
setEnabledCiphers
public void setEnabledCiphers(String[] enabledCiphers)
-
getEnabledProtocols
public String[] getEnabledProtocols()
-
setEnabledProtocols
public void setEnabledProtocols(String[] enabledProtocols)
-
getProtocol
public String getProtocol()
-
setProtocol
public void setProtocol(String protocol)
-
setTrustMaxCertLength
public void setTrustMaxCertLength(String maxLength)
-
getCertNickname
public String getCertNickname()
-
setCertNickname
public void setCertNickname(String certNickname)
-
getClientAuthEnabled
public String getClientAuthEnabled()
Determines whether client authentication is performed on every request, independent of ACL-based access control.
-
setClientAuthEnabled
public void setClientAuthEnabled(String clientAuthEnabled)
-
getClientAuth
public String getClientAuth()
Determines if if the engine will request (want) or require (need) client authentication. Valid values: want, need, or left blank
-
setClientAuth
public void setClientAuth(String clientAuth)
-
getCrlFile
public String getCrlFile()
-
setCrlFile
public void setCrlFile(String crlFile)
-
getKeyAlgorithm
public String getKeyAlgorithm()
-
setKeyAlgorithm
public void setKeyAlgorithm(String algorithm)
-
getKeyStoreType
public String getKeyStoreType()
type of the keystore file
-
setKeyStoreType
public void setKeyStoreType(String type)
-
getKeyStorePassword
public String getKeyStorePassword()
-
setKeyStorePassword
public void setKeyStorePassword(String password)
-
getKeyStore
public File getKeyStore()
-
setKeyStore
public void setKeyStore(String location)
-
getSsl3TlsCiphers
public String getSsl3TlsCiphers()
A comma-separated list of the SSL3 ciphers used, with the prefix + to enable or - to disable, for example +SSL_RSA_WITH_RC4_128_MD5. Allowed SSL3/TLS values are those that are supported by the JVM for the given security provider and security service configuration. If no value is specified, all supported ciphers are assumed to be enabled.
-
setSsl3TlsCiphers
public void setSsl3TlsCiphers(String ssl3TlsCiphers)
-
getTlsRollbackEnabled
public Boolean getTlsRollbackEnabled()
Determines whether TLS rollback is enabled. TLS rollback should be enabled for Microsoft Internet Explorer 5.0 and 5.5. NOT Used in PE
-
setTlsRollbackEnabled
public void setTlsRollbackEnabled(String tlsRollBackEnabled)
-
getHstsEnabled
public Boolean getHstsEnabled()
Determines whether Strict Transport Security is set
-
setHstsEnabled
public void setHstsEnabled(String hstsEnabled)
-
getHstsSubDomains
public Boolean getHstsSubDomains()
-
setHstsSubDomains
public void setHstsSubDomains(Boolean hstsSubDomains)
-
getHstsPreload
public Boolean getHstsPreload()
-
setHstsPreload
public void setHstsPreload(Boolean hstsPreload)
-
-