Package org.glassfish.admin.mbeanserver.ssl

Class SSLParams

  • public class SSLParams
extends Object
    This class is a config holder for configuring SSL Sockets. It comes with set of defaults as defined below TrustAlgorithm = SunX509 keystore type = JKS truststore type = JKS protocol = TLS tls Enabled= true It also picks up the value of keystore, keystore password, truststore , trustore password from system properties. Usage : This class can be used in any enviroment , where one wants to pass in SSL defaults programatically as well as use a default set of configuration without setting in values explicitly.
    Author:
    prasads@dev.java.net

    • Constructor Detail

      • SSLParams

        public SSLParams​(File truststore,
                 String trustStorePwd,
                 String trustStoreType)

      • SSLParams

        public SSLParams()

    • Method Detail

      • getTrustStore

        public File getTrustStore()

      • getTrustStorePassword

        public String getTrustStorePassword()

      • getTrustStoreType

        public String getTrustStoreType()

      • getTrustAlgorithm

        public String getTrustAlgorithm()

      • setTrustAlgorithm

        public void setTrustAlgorithm​(String algorithm)

      • getEnabledCiphers

        public String[] getEnabledCiphers()

      • setEnabledCiphers

        public void setEnabledCiphers​(String[] enabledCiphers)

      • getEnabledProtocols

        public String[] getEnabledProtocols()

      • setEnabledProtocols

        public void setEnabledProtocols​(String[] enabledProtocols)

      • getProtocol

        public String getProtocol()

      • setProtocol

        public void setProtocol​(String protocol)

      • setTrustMaxCertLength

        public void setTrustMaxCertLength​(String maxLength)

      • getCertNickname

        public String getCertNickname()

      • setCertNickname

        public void setCertNickname​(String certNickname)

      • getClientAuthEnabled

        public String getClientAuthEnabled()
        Determines whether client authentication is performed on every request, independent of ACL-based access control.

      • setClientAuthEnabled

        public void setClientAuthEnabled​(String clientAuthEnabled)

      • getClientAuth

        public String getClientAuth()
        Determines if if the engine will request (want) or require (need) client authentication. Valid values: want, need, or left blank

      • setClientAuth

        public void setClientAuth​(String clientAuth)

      • getCrlFile

        public String getCrlFile()

      • setCrlFile

        public void setCrlFile​(String crlFile)

      • getKeyAlgorithm

        public String getKeyAlgorithm()

      • setKeyAlgorithm

        public void setKeyAlgorithm​(String algorithm)

      • getKeyStoreType

        public String getKeyStoreType()
        type of the keystore file

      • setKeyStoreType

        public void setKeyStoreType​(String type)

      • getKeyStorePassword

        public String getKeyStorePassword()

      • setKeyStorePassword

        public void setKeyStorePassword​(String password)

      • getKeyStore

        public File getKeyStore()

      • setKeyStore

        public void setKeyStore​(String location)

      • getSsl3TlsCiphers

        public String getSsl3TlsCiphers()
        A comma-separated list of the SSL3 ciphers used, with the prefix + to enable or - to disable, for example +SSL_RSA_WITH_RC4_128_MD5. Allowed SSL3/TLS values are those that are supported by the JVM for the given security provider and security service configuration. If no value is specified, all supported ciphers are assumed to be enabled.

      • setSsl3TlsCiphers

        public void setSsl3TlsCiphers​(String ssl3TlsCiphers)

      • getTls12Enabled

        public Boolean getTls12Enabled()
        Determines whether TLSv1.2 is enabled.

      • setTls12Enabled

        public void setTls12Enabled​(String tls12Enabled)

      • getTls13Enabled

        public Boolean getTls13Enabled()
        Determines whether TLSv1.3 is enabled.

      • setTls13Enabled

        public void setTls13Enabled​(String tls13Enabled)

      • getTlsRollbackEnabled

        public Boolean getTlsRollbackEnabled()
        Determines whether TLS rollback is enabled. TLS rollback should be enabled for Microsoft Internet Explorer 5.0 and 5.5. NOT Used in PE

      • setTlsRollbackEnabled

        public void setTlsRollbackEnabled​(String tlsRollBackEnabled)

      • getHstsEnabled

        public Boolean getHstsEnabled()
        Determines whether Strict Transport Security is set

      • setHstsEnabled

        public void setHstsEnabled​(String hstsEnabled)

      • getHstsSubDomains

        public Boolean getHstsSubDomains()

      • setHstsSubDomains

        public void setHstsSubDomains​(Boolean hstsSubDomains)

      • getHstsPreload

        public Boolean getHstsPreload()

      • setHstsPreload

        public void setHstsPreload​(Boolean hstsPreload)