- java.lang.Object
-
- javax.net.ssl.SSLParameters
-
public class SSLParameters extends Object
Encapsulates parameters for an SSL/TLS connection. The parameters are the list of ciphersuites to be accepted in an SSL/TLS handshake, the list of protocols to be allowed, the endpoint identification algorithm during SSL/TLS handshaking, the algorithm constraints and whether SSL/TLS servers should request or require client authentication.SSLParameters can be created via the constructors in this class. Objects can also be obtained using the
getSSLParameters()
methods inSSLSocket
andSSLServerSocket
andSSLEngine
or thegetDefaultSSLParameters()
andgetSupportedSSLParameters()
methods inSSLContext
.SSLParameters can be applied to a connection via the methods
SSLSocket.setSSLParameters()
andSSLServerSocket.setSSLParameters()
andSSLEngine.getSSLParameters()
.- Since:
- 1.6
- See Also:
SSLSocket
,SSLEngine
,SSLContext
-
-
Constructor Summary
Constructors Constructor and Description SSLParameters()
Constructs SSLParameters.SSLParameters(String[] cipherSuites)
Constructs SSLParameters from the specified array of ciphersuites.SSLParameters(String[] cipherSuites, String[] protocols)
Constructs SSLParameters from the specified array of ciphersuites and protocols.
-
Method Summary
Methods Modifier and Type Method and Description AlgorithmConstraints
getAlgorithmConstraints()
Returns the cryptographic algorithm constraints.String[]
getCipherSuites()
Returns a copy of the array of ciphersuites or null if none have been set.String
getEndpointIdentificationAlgorithm()
Gets the endpoint identification algorithm.boolean
getNeedClientAuth()
Returns whether client authentication should be required.String[]
getProtocols()
Returns a copy of the array of protocols or null if none have been set.boolean
getWantClientAuth()
Returns whether client authentication should be requested.void
setAlgorithmConstraints(AlgorithmConstraints constraints)
Sets the cryptographic algorithm constraints, which will be used in addition to any configured by the runtime environment.void
setCipherSuites(String[] cipherSuites)
Sets the array of ciphersuites.void
setEndpointIdentificationAlgorithm(String algorithm)
Sets the endpoint identification algorithm.void
setNeedClientAuth(boolean needClientAuth)
Sets whether client authentication should be required.void
setProtocols(String[] protocols)
Sets the array of protocols.void
setWantClientAuth(boolean wantClientAuth)
Sets whether client authentication should be requested.
-
-
-
Constructor Detail
-
SSLParameters
public SSLParameters()
Constructs SSLParameters.The cipherSuites and protocols values are set to
null
, wantClientAuth and needClientAuth are set tofalse
.
-
SSLParameters
public SSLParameters(String[] cipherSuites)
Constructs SSLParameters from the specified array of ciphersuites.Calling this constructor is equivalent to calling the no-args constructor followed by
setCipherSuites(cipherSuites);
.- Parameters:
cipherSuites
- the array of ciphersuites (or null)
-
SSLParameters
public SSLParameters(String[] cipherSuites, String[] protocols)
Constructs SSLParameters from the specified array of ciphersuites and protocols.Calling this constructor is equivalent to calling the no-args constructor followed by
setCipherSuites(cipherSuites); setProtocols(protocols);
.- Parameters:
cipherSuites
- the array of ciphersuites (or null)protocols
- the array of protocols (or null)
-
-
Method Detail
-
getCipherSuites
public String[] getCipherSuites()
Returns a copy of the array of ciphersuites or null if none have been set.- Returns:
- a copy of the array of ciphersuites or null if none have been set.
-
setCipherSuites
public void setCipherSuites(String[] cipherSuites)
Sets the array of ciphersuites.- Parameters:
cipherSuites
- the array of ciphersuites (or null)
-
getProtocols
public String[] getProtocols()
Returns a copy of the array of protocols or null if none have been set.- Returns:
- a copy of the array of protocols or null if none have been set.
-
setProtocols
public void setProtocols(String[] protocols)
Sets the array of protocols.- Parameters:
protocols
- the array of protocols (or null)
-
getWantClientAuth
public boolean getWantClientAuth()
Returns whether client authentication should be requested.- Returns:
- whether client authentication should be requested.
-
setWantClientAuth
public void setWantClientAuth(boolean wantClientAuth)
Sets whether client authentication should be requested. Calling this method clears theneedClientAuth
flag.- Parameters:
wantClientAuth
- whether client authentication should be requested
-
getNeedClientAuth
public boolean getNeedClientAuth()
Returns whether client authentication should be required.- Returns:
- whether client authentication should be required.
-
setNeedClientAuth
public void setNeedClientAuth(boolean needClientAuth)
Sets whether client authentication should be required. Calling this method clears thewantClientAuth
flag.- Parameters:
needClientAuth
- whether client authentication should be required
-
getAlgorithmConstraints
public AlgorithmConstraints getAlgorithmConstraints()
Returns the cryptographic algorithm constraints.- Returns:
- the cryptographic algorithm constraints, or null if the constraints have not been set
- Since:
- 1.7
- See Also:
setAlgorithmConstraints(AlgorithmConstraints)
-
setAlgorithmConstraints
public void setAlgorithmConstraints(AlgorithmConstraints constraints)
Sets the cryptographic algorithm constraints, which will be used in addition to any configured by the runtime environment.If the
constraints
parameter is non-null, every cryptographic algorithm, key and algorithm parameters used in the SSL/TLS handshake must be permitted by the constraints.- Parameters:
constraints
- the algorithm constraints (or null)- Since:
- 1.7
-
getEndpointIdentificationAlgorithm
public String getEndpointIdentificationAlgorithm()
Gets the endpoint identification algorithm.- Returns:
- the endpoint identification algorithm, or null if none has been set.
- Since:
- 1.7
- See Also:
X509ExtendedTrustManager
,setEndpointIdentificationAlgorithm(String)
-
setEndpointIdentificationAlgorithm
public void setEndpointIdentificationAlgorithm(String algorithm)
Sets the endpoint identification algorithm.If the
algorithm
parameter is non-null or non-empty, the endpoint identification/verification procedures must be handled during SSL/TLS handshaking. This is to prevent man-in-the-middle attacks.- Parameters:
algorithm
- The standard string name of the endpoint identification algorithm (or null). See Appendix A in the Java Cryptography Architecture API Specification & Reference for information about standard algorithm names.- Since:
- 1.7
- See Also:
X509ExtendedTrustManager
-
-
Nederlandse vertaling
U hebt gevraagd om deze site in het Nederlands te bezoeken. Voor nu wordt alleen de interface vertaald, maar nog niet alle inhoud.Als je me wilt helpen met vertalingen, is je bijdrage welkom. Het enige dat u hoeft te doen, is u op de site registreren en mij een bericht sturen waarin u wordt gevraagd om u toe te voegen aan de groep vertalers, zodat u de gewenste pagina's kunt vertalen. Een link onderaan elke vertaalde pagina geeft aan dat u de vertaler bent en heeft een link naar uw profiel.
Bij voorbaat dank.
Document heeft de 11/06/2005 gemaakt, de laatste keer de 04/03/2020 gewijzigd
Bron van het afgedrukte document:https://www.gaudry.be/nl/java-api-rf-javax/net/ssl/sslparameters.html
De infobrol is een persoonlijke site waarvan de inhoud uitsluitend mijn verantwoordelijkheid is. De tekst is beschikbaar onder CreativeCommons-licentie (BY-NC-SA). Meer info op de gebruiksvoorwaarden en de auteur.
Referenties
Deze verwijzingen en links verwijzen naar documenten die geraadpleegd zijn tijdens het schrijven van deze pagina, of die aanvullende informatie kunnen geven, maar de auteurs van deze bronnen kunnen niet verantwoordelijk worden gehouden voor de inhoud van deze pagina.
De auteur Deze site is als enige verantwoordelijk voor de manier waarop de verschillende concepten, en de vrijheden die met de referentiewerken worden genomen, hier worden gepresenteerd. Vergeet niet dat u meerdere broninformatie moet doorgeven om het risico op fouten te verkleinen.