|
Apache Tomcat 7.0.28 | ||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object org.apache.tomcat.jni.SSLContext
public final class SSLContext
SSL Context
Constructor Summary | |
---|---|
SSLContext()
|
Method Summary | |
---|---|
static int |
free(long ctx)
Free the resources used by the Context |
static long |
make(long pool,
int protocol,
int mode)
Initialize new SSL context |
static void |
setBIO(long ctx,
long bio,
int dir)
Associate BIOCallback for input or output data capture. |
static boolean |
setCACertificate(long ctx,
String file,
String path)
Set File and Directory of concatenated PEM-encoded CA Certificates for Client Auth This directive sets the all-in-one file where you can assemble the Certificates of Certification Authorities (CA) whose clients you deal with. |
static boolean |
setCARevocation(long ctx,
String file,
String path)
Set File of concatenated PEM-encoded CA CRLs or directory of PEM-encoded CA Certificates for Client Auth This directive sets the all-in-one file where you can assemble the Certificate Revocation Lists (CRL) of Certification Authorities (CA) whose clients you deal with. |
static boolean |
setCertificate(long ctx,
String cert,
String key,
String password,
int idx)
Set Certificate Point setCertificateFile at a PEM encoded certificate. |
static boolean |
setCertificateChainFile(long ctx,
String file,
boolean skipfirst)
Set File of PEM-encoded Server CA Certificates This directive sets the optional all-in-one file where you can assemble the certificates of Certification Authorities (CA) which form the certificate chain of the server certificate. |
static boolean |
setCipherSuite(long ctx,
String ciphers)
Cipher Suite available for negotiation in SSL handshake. |
static void |
setContextId(long ctx,
String id)
Set Session context id. |
static void |
setOptions(long ctx,
int options)
Set OpenSSL Option. |
static void |
setQuietShutdown(long ctx,
boolean mode)
Sets the "quiet shutdown" flag for ctx to be mode. |
static void |
setRandom(long ctx,
String file)
Set file for randomness |
static void |
setShutdownType(long ctx,
int type)
Set SSL connection shutdown type The following levels are available for level: SSL_SHUTDOWN_TYPE_STANDARD SSL_SHUTDOWN_TYPE_UNCLEAN SSL_SHUTDOWN_TYPE_ACCURATE |
static void |
setVerify(long ctx,
int level,
int depth)
Set Type of Client Certificate verification and Maximum depth of CA Certificates in Client Certificate verification. |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public SSLContext()
Method Detail |
---|
public static long make(long pool, int protocol, int mode) throws Exception
pool
- The pool to use.protocol
- The SSL protocol to use. It can be one of:
SSL_PROTOCOL_SSLV2 SSL_PROTOCOL_SSLV3 SSL_PROTOCOL_SSLV2 | SSL_PROTOCOL_SSLV3 SSL_PROTOCOL_TLSV1 SSL_PROTOCOL_ALL
mode
- SSL mode to use
SSL_MODE_CLIENT SSL_MODE_SERVER SSL_MODE_COMBINED
Exception
public static int free(long ctx)
ctx
- Server or Client context to free.
public static void setContextId(long ctx, String id)
ctx
- Context to use.id
- String that uniquely identifies this context.public static void setBIO(long ctx, long bio, int dir)
[ERROR] -- Critical error messages [WARN] -- Warning messages [INFO] -- Informational messages [DEBUG] -- Debugging messagedCallback can use that word to determine application logging level by intercepting write call. If the bio is set to 0 no error messages will be displayed. Default is to use the stderr output stream.
ctx
- Server or Client context to use.bio
- BIO handle to use, created with SSL.newBIOdir
- BIO direction (1 for input 0 for output).public static void setOptions(long ctx, int options)
ctx
- Server or Client context to use.options
- See SSL.SSL_OP_* for option flags.public static void setQuietShutdown(long ctx, boolean mode)
ctx
- Server or Client context to use.mode
- True to set the quiet shutdown.public static boolean setCipherSuite(long ctx, String ciphers) throws Exception
ctx
- Server or Client context to use.ciphers
- An SSL cipher specification.
Exception
public static boolean setCARevocation(long ctx, String file, String path) throws Exception
ctx
- Server or Client context to use.file
- File of concatenated PEM-encoded CA CRLs for Client Auth.path
- Directory of PEM-encoded CA Certificates for Client Auth.
Exception
public static boolean setCertificateChainFile(long ctx, String file, boolean skipfirst)
ctx
- Server or Client context to use.file
- File of PEM-encoded Server CA Certificates.skipfirst
- Skip first certificate if chain file is inside
certificate file.public static boolean setCertificate(long ctx, String cert, String key, String password, int idx) throws Exception
ctx
- Server or Client context to use.cert
- Certificate file.key
- Private Key file to use if not in cert.password
- Certificate password. If null and certificate
is encrypted, password prompt will be displayed.idx
- Certificate index SSL_AIDX_RSA or SSL_AIDX_DSA.
Exception
public static boolean setCACertificate(long ctx, String file, String path) throws Exception
ctx
- Server or Client context to use.file
- File of concatenated PEM-encoded CA Certificates for
Client Auth.path
- Directory of PEM-encoded CA Certificates for Client Auth.
Exception
public static void setRandom(long ctx, String file)
ctx
- Server or Client context to use.file
- random file.public static void setShutdownType(long ctx, int type)
SSL_SHUTDOWN_TYPE_STANDARD SSL_SHUTDOWN_TYPE_UNCLEAN SSL_SHUTDOWN_TYPE_ACCURATE
ctx
- Server or Client context to use.type
- Shutdown type to use.public static void setVerify(long ctx, int level, int depth)
SSL_CVERIFY_NONE - No client Certificate is required at all SSL_CVERIFY_OPTIONAL - The client may present a valid Certificate SSL_CVERIFY_REQUIRE - The client has to present a valid Certificate SSL_CVERIFY_OPTIONAL_NO_CA - The client may present a valid Certificate but it need not to be (successfully) verifiable
setCACertificatePath
), etc.
ctx
- Server or Client context to use.level
- Type of Client Certificate verification.depth
- Maximum depth of CA Certificates in Client Certificate
verification.
|
Apache Tomcat 7.0.28 | ||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |