- All Known Implementing Classes:
SSLSupportImpl
public interface SSLSupport
SSLSupport
Interface for SSL-specific functions
- Author:
- EKR
-
Nested Class Summary
Nested ClassesModifier and TypeInterfaceDescriptionstatic final class
Simple data class that represents the cipher being used, along with the corresponding effective key size. -
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final String
The Request attribute key for the client certificate chain.static final String
The Request attribute key for the cipher suite.static final String
The Request attribute key for the key size.static final String
The Request attribute key for the session id. -
Method Summary
Modifier and TypeMethodDescriptionThe cipher suite being used on this connection.Get the keysize.default Object[]
Deprecated, for removal: This API element is subject to removal in a future version.default Object[]
getPeerCertificateChain
(boolean force) Deprecated, for removal: This API element is subject to removal in a future version.usegetPeerCertificates(boolean)
instead.getPeerCertificates
(boolean force) The current session Id.
-
Field Details
-
CIPHER_SUITE_KEY
The Request attribute key for the cipher suite.- See Also:
-
KEY_SIZE_KEY
The Request attribute key for the key size.- See Also:
-
CERTIFICATE_KEY
The Request attribute key for the client certificate chain.- See Also:
-
SESSION_ID_KEY
The Request attribute key for the session id. This one is a Tomcat extension to the Servlet spec.- See Also:
-
-
Method Details
-
getCipherSuite
The cipher suite being used on this connection.- Throws:
IOException
-
getPeerCertificateChain
Deprecated, for removal: This API element is subject to removal in a future version.usegetPeerCertificates()
instead.- Returns:
- The client certificate chain (if any).
- Throws:
IOException
-
getPeerCertificates
- Returns:
- The client certificate chain (if any).
- Throws:
IOException
-
getPeerCertificateChain
@Deprecated(forRemoval=true) default Object[] getPeerCertificateChain(boolean force) throws IOException Deprecated, for removal: This API element is subject to removal in a future version.usegetPeerCertificates(boolean)
instead.- Parameters:
force
- If true, then re-negotiate the connection if necessary.- Returns:
- The client certificate chain (if any).
- Throws:
IOException
-
getPeerCertificates
- Parameters:
force
- If true, then re-negotiate the connection if necessary.- Returns:
- The client certificate chain (if any).
- Throws:
IOException
-
getKeySize
Get the keysize. What we're supposed to put here is ill-defined by the Servlet spec (S 4.7 again). There are at least 4 potential values that might go here: (a) The size of the encryption key (b) The size of the MAC key (c) The size of the key-exchange key (d) The size of the signature key used by the server Unfortunately, all of these values are nonsensical.- Throws:
IOException
-
getSessionId
The current session Id.- Throws:
IOException
-
getPeerCertificates()
instead.