Package org.apache.tomcat.util.net
Class SSLUtilBase
- java.lang.Object
- 
- org.apache.tomcat.util.net.SSLUtilBase
 
- 
- All Implemented Interfaces:
- SSLUtil
 - Direct Known Subclasses:
- JSSEUtil,- OpenSSLUtil
 
 public abstract class SSLUtilBase extends java.lang.Object implements SSLUtil Common base class forSSLUtilimplementations.
- 
- 
Nested Class Summary- 
Nested classes/interfaces inherited from interface org.apache.tomcat.util.net.SSLUtilSSLUtil.ProtocolInfo
 
- 
 - 
Field SummaryFields Modifier and Type Field Description protected SSLHostConfigCertificatecertificateprotected SSLHostConfigsslHostConfig
 - 
Constructor SummaryConstructors Modifier Constructor Description protectedSSLUtilBase(SSLHostConfigCertificate certificate)protectedSSLUtilBase(SSLHostConfigCertificate certificate, boolean warnTls13)
 - 
Method SummaryAll Methods Instance Methods Abstract Methods Concrete Methods Modifier and Type Method Description voidconfigureSessionContext(javax.net.ssl.SSLSessionContext sslSessionContext)SSLContextcreateSSLContext(java.util.List<java.lang.String> negotiableProtocols)protected abstract SSLContextcreateSSLContextInternal(java.util.List<java.lang.String> negotiableProtocols)protected java.util.Collection<? extends java.security.cert.CRL>getCRLs(java.lang.String crlf)Load the collection of CRLs.java.lang.String[]getEnabledCiphers()The set of enabled ciphers is the intersection of the implemented ciphers and the configured ciphers.java.lang.String[]getEnabledProtocols()The set of enabled protocols is the intersection of the implemented protocols and the configured protocols.protected abstract java.util.Set<java.lang.String>getImplementedCiphers()protected abstract java.util.Set<java.lang.String>getImplementedProtocols()javax.net.ssl.KeyManager[]getKeyManagers()protected abstract LoggetLog()protected java.security.cert.CertPathParametersgetParameters(java.lang.String crlf, java.security.KeyStore trustStore, boolean revocationEnabled)Return the initialization parameters for the TrustManager.javax.net.ssl.TrustManager[]getTrustManagers()protected abstract booleanisTls13RenegAuthAvailable()
 
- 
- 
- 
Field Detail- 
sslHostConfigprotected final SSLHostConfig sslHostConfig 
 - 
certificateprotected final SSLHostConfigCertificate certificate 
 
- 
 - 
Constructor Detail- 
SSLUtilBaseprotected SSLUtilBase(SSLHostConfigCertificate certificate) 
 - 
SSLUtilBaseprotected SSLUtilBase(SSLHostConfigCertificate certificate, boolean warnTls13) 
 
- 
 - 
Method Detail- 
createSSLContextpublic final SSLContext createSSLContext(java.util.List<java.lang.String> negotiableProtocols) throws java.lang.Exception - Specified by:
- createSSLContextin interface- SSLUtil
- Throws:
- java.lang.Exception
 
 - 
configureSessionContextpublic void configureSessionContext(javax.net.ssl.SSLSessionContext sslSessionContext) - Specified by:
- configureSessionContextin interface- SSLUtil
 
 - 
getKeyManagerspublic javax.net.ssl.KeyManager[] getKeyManagers() throws java.lang.Exception- Specified by:
- getKeyManagersin interface- SSLUtil
- Throws:
- java.lang.Exception
 
 - 
getEnabledProtocolspublic java.lang.String[] getEnabledProtocols() Description copied from interface:SSLUtilThe set of enabled protocols is the intersection of the implemented protocols and the configured protocols. If no protocols are explicitly configured, then all of the implemented protocols will be included in the returned array.- Specified by:
- getEnabledProtocolsin interface- SSLUtil
- Returns:
- The protocols currently enabled and available for clients to select from for the associated connection
 
 - 
getEnabledCipherspublic java.lang.String[] getEnabledCiphers() Description copied from interface:SSLUtilThe set of enabled ciphers is the intersection of the implemented ciphers and the configured ciphers. If no ciphers are explicitly configured, then the default ciphers will be included in the returned array.The ciphers used during the TLS handshake may be further restricted by the SSLUtil.getEnabledProtocols()and the certificates.- Specified by:
- getEnabledCiphersin interface- SSLUtil
- Returns:
- The ciphers currently enabled and available for clients to select from for the associated connection
 
 - 
getTrustManagerspublic javax.net.ssl.TrustManager[] getTrustManagers() throws java.lang.Exception- Specified by:
- getTrustManagersin interface- SSLUtil
- Throws:
- java.lang.Exception
 
 - 
getParametersprotected java.security.cert.CertPathParameters getParameters(java.lang.String crlf, java.security.KeyStore trustStore, boolean revocationEnabled) throws java.lang.ExceptionReturn the initialization parameters for the TrustManager. Currently, only the defaultPKIXis supported.- Parameters:
- crlf- The path to the CRL file.
- trustStore- The configured TrustStore.
- revocationEnabled- Should the JSSE provider perform revocation checks? Ignored if- crlfis non-null. Configuration of revocation checks are expected to be via proprietary JSSE provider methods.
- Returns:
- The parameters including the CRLs and TrustStore.
- Throws:
- java.lang.Exception- An error occurred
 
 - 
getCRLsprotected java.util.Collection<? extends java.security.cert.CRL> getCRLs(java.lang.String crlf) throws java.io.IOException, java.security.cert.CRLException, java.security.cert.CertificateExceptionLoad the collection of CRLs.- Parameters:
- crlf- The path to the CRL file.
- Returns:
- the CRLs collection
- Throws:
- java.io.IOException- Error reading CRL file
- java.security.cert.CRLException- CRL error
- java.security.cert.CertificateException- Error processing certificate
 
 - 
getImplementedProtocolsprotected abstract java.util.Set<java.lang.String> getImplementedProtocols() 
 - 
getImplementedCiphersprotected abstract java.util.Set<java.lang.String> getImplementedCiphers() 
 - 
getLogprotected abstract Log getLog() 
 - 
isTls13RenegAuthAvailableprotected abstract boolean isTls13RenegAuthAvailable() 
 - 
createSSLContextInternalprotected abstract SSLContext createSSLContextInternal(java.util.List<java.lang.String> negotiableProtocols) throws java.lang.Exception - Throws:
- java.lang.Exception
 
 
- 
 
-