Package com.browserup.bup.mitm.manager

Class ImpersonatingMitmManager.Builder

    • Constructor Detail

      • Builder

        public Builder()

    • Method Detail

      • serverMessageDigest

        public ImpersonatingMitmManager.Builder serverMessageDigest​(java.lang.String serverMessageDigest)
        The message digest that will be used when signing server certificates with the root certificate's private key.
        Parameters:
        serverMessageDigest - serverMessageDigest
        Returns:
        Builder

      • trustAllServers

        public ImpersonatingMitmManager.Builder trustAllServers​(boolean trustAllServers)
        When true, no upstream certificate verification will be performed. This will make it possible for attackers to MITM communications with the upstream server, so use trustAllServers only when testing. Calling this method with 'true' will remove any trustSource set with trustSource(TrustSource). Calling this method with 'false' has no effect unless trustAllServers was previously called with 'true'. To set a specific TrustSource, use trustSource(TrustSource).
        Parameters:
        trustAllServers - trustAllServers
        Returns:
        Builder

      • trustSource

        public ImpersonatingMitmManager.Builder trustSource​(TrustSource trustSource)
        The TrustSource that supplies the trusted root CAs used to validate upstream servers' certificates.
        Parameters:
        trustSource - trustSource
        Returns:
        Builder

      • cacheConcurrencyLevel

        public ImpersonatingMitmManager.Builder cacheConcurrencyLevel​(int cacheConcurrencyLevel)
        The concurrency level for the SSLContext cache. Increase this beyond the default value for high-volume proxy servers.
        Parameters:
        cacheConcurrencyLevel - cacheConcurrencyLevel
        Returns:
        Builder

      • cacheExpirationInterval

        public ImpersonatingMitmManager.Builder cacheExpirationInterval​(long cacheExpirationInterval,
                                                                java.util.concurrent.TimeUnit timeUnit)
        The length of time SSLContexts with forged certificates will be kept in the cache.
        Parameters:
        cacheExpirationInterval - cacheExpirationInterval
        timeUnit - timeUnit
        Returns:
        Builder

      • serverCiphers

        public ImpersonatingMitmManager.Builder serverCiphers​(java.util.Collection<java.lang.String> serverCiphers)
        The cipher suites allowed on connections to upstream servers. Cipher suite names should be specified in Java format, rather than OpenSSL format (e.g., TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384), even when using OpenSSL. Ciphers will be preferred in the order they are returned by the collection's iterator.
        Parameters:
        serverCiphers - serverCiphers
        Returns:
        Builder

      • clientCiphers

        public ImpersonatingMitmManager.Builder clientCiphers​(java.util.Collection<java.lang.String> clientCiphers)
        The cipher suites allowed on client connections to the proxy. Cipher suite names should be specified in Java format, rather than OpenSSL format (e.g., TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384), even when using OpenSSL. Ciphers will be preferred in the order they are returned by the collection's iterator.
        Parameters:
        clientCiphers - clientCiphers
        Returns:
        Builder