- ->ssl-parameters
- get-algorithm-constraints
- get-cipher-suites
- get-endpoint-identification-algorithm
- get-need-client-auth?
- get-protocols
- get-server-names
- get-sni-matchers
- get-use-cipher-suites-order?
- get-want-client-auth?
- set-algorithm-constraints
- set-cipher-suites
- set-endpoint-identification-algorithm
- set-need-client-auth
- set-protocols
- set-server-names
- set-sni-matchers
- set-use-cipher-suites-order
- set-want-client-auth
javax.net.ssl.SSLParameters
Encapsulates parameters for an SSL/TLS connection. The parameters are the list of ciphersuites to be accepted in an SSL/TLS handshake, the list of protocols to be allowed, the endpoint identification algorithm during SSL/TLS handshaking, the Server Name Indication (SNI), the algorithm constraints and whether SSL/TLS servers should request or require client authentication, etc.
SSLParameters can be created via the constructors in this class. Objects can also be obtained using the getSSLParameters() methods in SSLSocket and SSLServerSocket and SSLEngine or the getDefaultSSLParameters() and getSupportedSSLParameters() methods in SSLContext.
SSLParameters can be applied to a connection via the methods SSLSocket.setSSLParameters() and SSLServerSocket.setSSLParameters() and SSLEngine.setSSLParameters().
Encapsulates parameters for an SSL/TLS connection. The parameters are the list of ciphersuites to be accepted in an SSL/TLS handshake, the list of protocols to be allowed, the endpoint identification algorithm during SSL/TLS handshaking, the Server Name Indication (SNI), the algorithm constraints and whether SSL/TLS servers should request or require client authentication, etc. SSLParameters can be created via the constructors in this class. Objects can also be obtained using the getSSLParameters() methods in SSLSocket and SSLServerSocket and SSLEngine or the getDefaultSSLParameters() and getSupportedSSLParameters() methods in SSLContext. SSLParameters can be applied to a connection via the methods SSLSocket.setSSLParameters() and SSLServerSocket.setSSLParameters() and SSLEngine.setSSLParameters().
->ssl-parametersclj
(->ssl-parameters)(->ssl-parameters cipher-suites)(->ssl-parameters cipher-suites protocols)Constructor.
Constructs SSLParameters from the specified array of ciphersuites and protocols.
Calling this constructor is equivalent to calling the no-args constructor followed by setCipherSuites(cipherSuites); setProtocols(protocols);.
cipher-suites - the array of ciphersuites (or null) - java.lang.String[]
protocols - the array of protocols (or null) - java.lang.String[]
Constructor. Constructs SSLParameters from the specified array of ciphersuites and protocols. Calling this constructor is equivalent to calling the no-args constructor followed by setCipherSuites(cipherSuites); setProtocols(protocols);. cipher-suites - the array of ciphersuites (or null) - `java.lang.String[]` protocols - the array of protocols (or null) - `java.lang.String[]`
get-algorithm-constraintsclj
(get-algorithm-constraints this)Returns the cryptographic algorithm constraints.
returns: the cryptographic algorithm constraints, or null if the
constraints have not been set - java.security.AlgorithmConstraints
Returns the cryptographic algorithm constraints.
returns: the cryptographic algorithm constraints, or null if the
constraints have not been set - `java.security.AlgorithmConstraints`get-cipher-suitesclj
(get-cipher-suites this)Returns a copy of the array of ciphersuites or null if none have been set.
returns: a copy of the array of ciphersuites or null if none
have been set. - java.lang.String[]
Returns a copy of the array of ciphersuites or null if none have been set. returns: a copy of the array of ciphersuites or null if none have been set. - `java.lang.String[]`
get-endpoint-identification-algorithmclj
(get-endpoint-identification-algorithm this)Gets the endpoint identification algorithm.
returns: the endpoint identification algorithm, or null if none
has been set. - java.lang.String
Gets the endpoint identification algorithm. returns: the endpoint identification algorithm, or null if none has been set. - `java.lang.String`
get-need-client-auth?clj
(get-need-client-auth? this)Returns whether client authentication should be required.
returns: whether client authentication should be required. - boolean
Returns whether client authentication should be required. returns: whether client authentication should be required. - `boolean`
get-protocolsclj
(get-protocols this)Returns a copy of the array of protocols or null if none have been set.
returns: a copy of the array of protocols or null if none
have been set. - java.lang.String[]
Returns a copy of the array of protocols or null if none have been set. returns: a copy of the array of protocols or null if none have been set. - `java.lang.String[]`
get-server-namesclj
(get-server-names this)Returns a List containing all SNIServerNames of the Server Name Indication (SNI) parameter, or null if none has been set.
This method is only useful to SSLSockets or SSLEngines operating in client mode.
For SSL/TLS connections, the underlying SSL/TLS provider may specify a default value for a certain server name type. In client mode, it is recommended that, by default, providers should include the server name indication whenever the server can be located by a supported server name type.
It is recommended that providers initialize default Server Name Indications when creating SSLSocket/SSLEngines. In the following examples, the server name could be represented by an instance of SNIHostName which has been initialized with the hostname "www.example.com" and type StandardConstants.SNI_HOST_NAME.
Socket socket =
sslSocketFactory.createSocket("www.example.com", 443);
or
SSLEngine engine =
sslContext.createSSLEngine("www.example.com", 443);
returns: null or an immutable list of non-null SNIServerNames - java.util.List<javax.net.ssl.SNIServerName>
Returns a List containing all SNIServerNames of the
Server Name Indication (SNI) parameter, or null if none has been set.
This method is only useful to SSLSockets or SSLEngines
operating in client mode.
For SSL/TLS connections, the underlying SSL/TLS provider
may specify a default value for a certain server name type. In
client mode, it is recommended that, by default, providers should
include the server name indication whenever the server can be located
by a supported server name type.
It is recommended that providers initialize default Server Name
Indications when creating SSLSocket/SSLEngines.
In the following examples, the server name could be represented by an
instance of SNIHostName which has been initialized with the
hostname "www.example.com" and type
StandardConstants.SNI_HOST_NAME.
Socket socket =
sslSocketFactory.createSocket("www.example.com", 443);
or
SSLEngine engine =
sslContext.createSSLEngine("www.example.com", 443);
returns: null or an immutable list of non-null SNIServerNames - `java.util.List<javax.net.ssl.SNIServerName>`get-sni-matchersclj
(get-sni-matchers this)Returns a Collection containing all SNIMatchers of the Server Name Indication (SNI) parameter, or null if none has been set.
This method is only useful to SSLSockets or SSLEngines operating in server mode.
For better interoperability, providers generally will not define default matchers so that by default servers will ignore the SNI extension and continue the handshake.
returns: null or an immutable collection of non-null SNIMatchers - java.util.Collection<javax.net.ssl.SNIMatcher>
Returns a Collection containing all SNIMatchers of the Server Name Indication (SNI) parameter, or null if none has been set. This method is only useful to SSLSockets or SSLEngines operating in server mode. For better interoperability, providers generally will not define default matchers so that by default servers will ignore the SNI extension and continue the handshake. returns: null or an immutable collection of non-null SNIMatchers - `java.util.Collection<javax.net.ssl.SNIMatcher>`
get-use-cipher-suites-order?clj
(get-use-cipher-suites-order? this)Returns whether the local cipher suites preference should be honored.
returns: whether local cipher suites order in #getCipherSuites
should be honored during SSL/TLS handshaking. - boolean
Returns whether the local cipher suites preference should be honored.
returns: whether local cipher suites order in #getCipherSuites
should be honored during SSL/TLS handshaking. - `boolean`get-want-client-auth?clj
(get-want-client-auth? this)Returns whether client authentication should be requested.
returns: whether client authentication should be requested. - boolean
Returns whether client authentication should be requested. returns: whether client authentication should be requested. - `boolean`
set-algorithm-constraintsclj
(set-algorithm-constraints this constraints)Sets the cryptographic algorithm constraints, which will be used in addition to any configured by the runtime environment.
If the constraints parameter is non-null, every cryptographic algorithm, key and algorithm parameters used in the SSL/TLS handshake must be permitted by the constraints.
constraints - the algorithm constraints (or null) - java.security.AlgorithmConstraints
Sets the cryptographic algorithm constraints, which will be used in addition to any configured by the runtime environment. If the constraints parameter is non-null, every cryptographic algorithm, key and algorithm parameters used in the SSL/TLS handshake must be permitted by the constraints. constraints - the algorithm constraints (or null) - `java.security.AlgorithmConstraints`
set-cipher-suitesclj
(set-cipher-suites this cipher-suites)Sets the array of ciphersuites.
cipher-suites - the array of ciphersuites (or null) - java.lang.String[]
Sets the array of ciphersuites. cipher-suites - the array of ciphersuites (or null) - `java.lang.String[]`
set-endpoint-identification-algorithmclj
(set-endpoint-identification-algorithm this algorithm)Sets the endpoint identification algorithm.
If the algorithm parameter is non-null or non-empty, the endpoint identification/verification procedures must be handled during SSL/TLS handshaking. This is to prevent man-in-the-middle attacks.
algorithm - The standard string name of the endpoint identification algorithm (or null). See Appendix A in the Java Cryptography Architecture API Specification & Reference for information about standard algorithm names. - java.lang.String
Sets the endpoint identification algorithm. If the algorithm parameter is non-null or non-empty, the endpoint identification/verification procedures must be handled during SSL/TLS handshaking. This is to prevent man-in-the-middle attacks. algorithm - The standard string name of the endpoint identification algorithm (or null). See Appendix A in the Java Cryptography Architecture API Specification & Reference for information about standard algorithm names. - `java.lang.String`
set-need-client-authclj
(set-need-client-auth this need-client-auth)Sets whether client authentication should be required. Calling this method clears the wantClientAuth flag.
need-client-auth - whether client authentication should be required - boolean
Sets whether client authentication should be required. Calling this method clears the wantClientAuth flag. need-client-auth - whether client authentication should be required - `boolean`
set-protocolsclj
(set-protocols this protocols)Sets the array of protocols.
protocols - the array of protocols (or null) - java.lang.String[]
Sets the array of protocols. protocols - the array of protocols (or null) - `java.lang.String[]`
set-server-namesclj
(set-server-names this server-names)Sets the desired SNIServerNames of the Server Name Indication (SNI) parameter.
This method is only useful to SSLSockets or SSLEngines operating in client mode.
Note that the serverNames list is cloned to protect against subsequent modification.
server-names - the list of desired SNIServerNames (or null) - java.util.List
throws: java.lang.NullPointerException - if the serverNames contains null element
Sets the desired SNIServerNames of the Server Name Indication (SNI) parameter. This method is only useful to SSLSockets or SSLEngines operating in client mode. Note that the serverNames list is cloned to protect against subsequent modification. server-names - the list of desired SNIServerNames (or null) - `java.util.List` throws: java.lang.NullPointerException - if the serverNames contains null element
set-sni-matchersclj
(set-sni-matchers this matchers)Sets the SNIMatchers of the Server Name Indication (SNI) parameter.
This method is only useful to SSLSockets or SSLEngines operating in server mode.
Note that the matchers collection is cloned to protect against subsequent modification.
matchers - the collection of SNIMatchers (or null) - java.util.Collection
throws: java.lang.NullPointerException - if the matchers contains null element
Sets the SNIMatchers of the Server Name Indication (SNI) parameter. This method is only useful to SSLSockets or SSLEngines operating in server mode. Note that the matchers collection is cloned to protect against subsequent modification. matchers - the collection of SNIMatchers (or null) - `java.util.Collection` throws: java.lang.NullPointerException - if the matchers contains null element
set-use-cipher-suites-orderclj
(set-use-cipher-suites-order this honor-order)Sets whether the local cipher suites preference should be honored.
honor-order - whether local cipher suites order in #getCipherSuites should be honored during SSL/TLS handshaking. - boolean
Sets whether the local cipher suites preference should be honored. honor-order - whether local cipher suites order in #getCipherSuites should be honored during SSL/TLS handshaking. - `boolean`
set-want-client-authclj
(set-want-client-auth this want-client-auth)Sets whether client authentication should be requested. Calling this method clears the needClientAuth flag.
want-client-auth - whether client authentication should be requested - boolean
Sets whether client authentication should be requested. Calling this method clears the needClientAuth flag. want-client-auth - whether client authentication should be requested - `boolean`
cljdoc is a website building & hosting documentation for Clojure/Script libraries
× close