org.apache.tomcat.util.net.jsse
public class JSSESocketFactory extends ServerSocketFactory
Field Summary | |
---|---|
protected boolean | allowUnsafeLegacyRenegotiation |
protected String | clientAuth |
protected String[] | enabledCiphers |
protected boolean | initialized |
protected boolean | requireClientAuth
Flag to state that we require client authentication. |
protected SSLServerSocketFactory | sslProxy |
protected boolean | wantClientAuth
Flag to state that we would like client authentication. |
Constructor Summary | |
---|---|
JSSESocketFactory() |
Method Summary | |
---|---|
Socket | acceptSocket(ServerSocket socket) |
protected void | configureClientAuth(SSLServerSocket socket)
Configure Client authentication for this version of JSSE. |
protected void | configureClientAuth(SSLSocket socket)
Configure Client authentication for this version of JSSE. |
ServerSocket | createSocket(int port) |
ServerSocket | createSocket(int port, int backlog) |
ServerSocket | createSocket(int port, int backlog, InetAddress ifAddress) |
protected Collection<? extends CRL> | getCRLs(String crlf)
Load the collection of CRLs.
|
protected String[] | getEnabledCiphers(String requestedCiphers, String[] supportedCiphers) |
protected String[] | getEnabledProtocols(SSLServerSocket socket, String requestedProtocols)
Determines the SSL protocol variants to be enabled.
|
protected KeyManager[] | getKeyManagers(String keystoreType, String keystoreProvider, String algorithm, String keyAlias)
Gets the initialized key managers. |
protected KeyStore | getKeystore(String type, String provider, String pass) |
protected String | getKeystorePassword() |
protected CertPathParameters | getParameters(String algorithm, String crlf, KeyStore trustStore)
Return the initialization parameters for the TrustManager.
|
protected TrustManager[] | getTrustManagers(String keystoreType, String keystoreProvider, String algorithm)
Gets the intialized trust managers. |
protected KeyStore | getTrustStore(String keystoreType, String keystoreProvider) |
void | handshake(Socket sock) |
protected void | setEnabledProtocols(SSLServerSocket socket, String[] protocols)
Set the SSL protocol variants to be enabled. |
Parameters: socket the SSLServerSocket
Parameters: socket the SSLSocket
Parameters: socket The socket to get supported list from. requestedProtocols Comma-separated list of requested SSL protocol variants
Returns: Array of SSL protocol variants to be enabled, or null if none of the requested protocol variants are supported
PKIX
is supported.
Parameters: algorithm The algorithm to get parameters for. crlf The path to the CRL file. trustStore The configured TrustStore.
Returns: The parameters including the CRLs and TrustStore.
Parameters: socket the SSLServerSocket. protocols the protocols to use.