- java.lang.Object
-
- javax.net.ssl.SSLParameters
-
public class SSLParameters extends Object
Encapsulates parameters for an SSL/TLS connection. The parameters are the list of ciphersuites to be accepted in an SSL/TLS handshake, the list of protocols to be allowed, the endpoint identification algorithm during SSL/TLS handshaking, the algorithm constraints and whether SSL/TLS servers should request or require client authentication.SSLParameters can be created via the constructors in this class. Objects can also be obtained using the
getSSLParameters()
methods inSSLSocket
andSSLServerSocket
andSSLEngine
or thegetDefaultSSLParameters()
andgetSupportedSSLParameters()
methods inSSLContext
.SSLParameters can be applied to a connection via the methods
SSLSocket.setSSLParameters()
andSSLServerSocket.setSSLParameters()
andSSLEngine.getSSLParameters()
.- Since:
- 1.6
- See Also:
SSLSocket
,SSLEngine
,SSLContext
-
-
Constructor Summary
Constructors Constructor and Description SSLParameters()
Constructs SSLParameters.SSLParameters(String[] cipherSuites)
Constructs SSLParameters from the specified array of ciphersuites.SSLParameters(String[] cipherSuites, String[] protocols)
Constructs SSLParameters from the specified array of ciphersuites and protocols.
-
Method Summary
Methods Modifier and Type Method and Description AlgorithmConstraints
getAlgorithmConstraints()
Returns the cryptographic algorithm constraints.String[]
getCipherSuites()
Returns a copy of the array of ciphersuites or null if none have been set.String
getEndpointIdentificationAlgorithm()
Gets the endpoint identification algorithm.boolean
getNeedClientAuth()
Returns whether client authentication should be required.String[]
getProtocols()
Returns a copy of the array of protocols or null if none have been set.boolean
getWantClientAuth()
Returns whether client authentication should be requested.void
setAlgorithmConstraints(AlgorithmConstraints constraints)
Sets the cryptographic algorithm constraints, which will be used in addition to any configured by the runtime environment.void
setCipherSuites(String[] cipherSuites)
Sets the array of ciphersuites.void
setEndpointIdentificationAlgorithm(String algorithm)
Sets the endpoint identification algorithm.void
setNeedClientAuth(boolean needClientAuth)
Sets whether client authentication should be required.void
setProtocols(String[] protocols)
Sets the array of protocols.void
setWantClientAuth(boolean wantClientAuth)
Sets whether client authentication should be requested.
-
-
-
Constructor Detail
-
SSLParameters
public SSLParameters()
Constructs SSLParameters.The cipherSuites and protocols values are set to
null
, wantClientAuth and needClientAuth are set tofalse
.
-
SSLParameters
public SSLParameters(String[] cipherSuites)
Constructs SSLParameters from the specified array of ciphersuites.Calling this constructor is equivalent to calling the no-args constructor followed by
setCipherSuites(cipherSuites);
.- Parameters:
cipherSuites
- the array of ciphersuites (or null)
-
SSLParameters
public SSLParameters(String[] cipherSuites, String[] protocols)
Constructs SSLParameters from the specified array of ciphersuites and protocols.Calling this constructor is equivalent to calling the no-args constructor followed by
setCipherSuites(cipherSuites); setProtocols(protocols);
.- Parameters:
cipherSuites
- the array of ciphersuites (or null)protocols
- the array of protocols (or null)
-
-
Method Detail
-
getCipherSuites
public String[] getCipherSuites()
Returns a copy of the array of ciphersuites or null if none have been set.- Returns:
- a copy of the array of ciphersuites or null if none have been set.
-
setCipherSuites
public void setCipherSuites(String[] cipherSuites)
Sets the array of ciphersuites.- Parameters:
cipherSuites
- the array of ciphersuites (or null)
-
getProtocols
public String[] getProtocols()
Returns a copy of the array of protocols or null if none have been set.- Returns:
- a copy of the array of protocols or null if none have been set.
-
setProtocols
public void setProtocols(String[] protocols)
Sets the array of protocols.- Parameters:
protocols
- the array of protocols (or null)
-
getWantClientAuth
public boolean getWantClientAuth()
Returns whether client authentication should be requested.- Returns:
- whether client authentication should be requested.
-
setWantClientAuth
public void setWantClientAuth(boolean wantClientAuth)
Sets whether client authentication should be requested. Calling this method clears theneedClientAuth
flag.- Parameters:
wantClientAuth
- whether client authentication should be requested
-
getNeedClientAuth
public boolean getNeedClientAuth()
Returns whether client authentication should be required.- Returns:
- whether client authentication should be required.
-
setNeedClientAuth
public void setNeedClientAuth(boolean needClientAuth)
Sets whether client authentication should be required. Calling this method clears thewantClientAuth
flag.- Parameters:
needClientAuth
- whether client authentication should be required
-
getAlgorithmConstraints
public AlgorithmConstraints getAlgorithmConstraints()
Returns the cryptographic algorithm constraints.- Returns:
- the cryptographic algorithm constraints, or null if the constraints have not been set
- Since:
- 1.7
- See Also:
setAlgorithmConstraints(AlgorithmConstraints)
-
setAlgorithmConstraints
public void setAlgorithmConstraints(AlgorithmConstraints constraints)
Sets the cryptographic algorithm constraints, which will be used in addition to any configured by the runtime environment.If the
constraints
parameter is non-null, every cryptographic algorithm, key and algorithm parameters used in the SSL/TLS handshake must be permitted by the constraints.- Parameters:
constraints
- the algorithm constraints (or null)- Since:
- 1.7
-
getEndpointIdentificationAlgorithm
public String getEndpointIdentificationAlgorithm()
Gets the endpoint identification algorithm.- Returns:
- the endpoint identification algorithm, or null if none has been set.
- Since:
- 1.7
- See Also:
X509ExtendedTrustManager
,setEndpointIdentificationAlgorithm(String)
-
setEndpointIdentificationAlgorithm
public void setEndpointIdentificationAlgorithm(String algorithm)
Sets the endpoint identification algorithm.If the
algorithm
parameter is non-null or non-empty, the endpoint identification/verification procedures must be handled during SSL/TLS handshaking. This is to prevent man-in-the-middle attacks.- Parameters:
algorithm
- The standard string name of the endpoint identification algorithm (or null). See Appendix A in the Java Cryptography Architecture API Specification & Reference for information about standard algorithm names.- Since:
- 1.7
- See Also:
X509ExtendedTrustManager
-
-
Deutsche Übersetzung
Sie haben gebeten, diese Seite auf Deutsch zu besuchen. Momentan ist nur die Oberfläche übersetzt, aber noch nicht der gesamte Inhalt.Wenn Sie mir bei Übersetzungen helfen wollen, ist Ihr Beitrag willkommen. Alles, was Sie tun müssen, ist, sich auf der Website zu registrieren und mir eine Nachricht zu schicken, in der Sie gebeten werden, Sie der Gruppe der Übersetzer hinzuzufügen, die Ihnen die Möglichkeit gibt, die gewünschten Seiten zu übersetzen. Ein Link am Ende jeder übersetzten Seite zeigt an, dass Sie der Übersetzer sind und einen Link zu Ihrem Profil haben.
Vielen Dank im Voraus.
Dokument erstellt 11/06/2005, zuletzt geändert 04/03/2020
Quelle des gedruckten Dokuments:https://www.gaudry.be/de/java-api-rf-javax/net/ssl/sslparameters.html
Die Infobro ist eine persönliche Seite, deren Inhalt in meiner alleinigen Verantwortung liegt. Der Text ist unter der CreativeCommons-Lizenz (BY-NC-SA) verfügbar. Weitere Informationen auf die Nutzungsbedingungen und dem Autor.
Referenzen
Diese Verweise und Links verweisen auf Dokumente, die während des Schreibens dieser Seite konsultiert wurden, oder die zusätzliche Informationen liefern können, aber die Autoren dieser Quellen können nicht für den Inhalt dieser Seite verantwortlich gemacht werden.
Der Autor Diese Website ist allein dafür verantwortlich, wie die verschiedenen Konzepte und Freiheiten, die mit den Nachschlagewerken gemacht werden, hier dargestellt werden. Denken Sie daran, dass Sie mehrere Quellinformationen austauschen müssen, um das Risiko von Fehlern zu reduzieren.