Package org.glassfish.admin.mbeanserver.ssl

Class SSLParams

java.lang.Object
org.glassfish.admin.mbeanserver.ssl.SSLParams
public class SSLParams extends Object
This class is a config holder for configuring SSL Sockets. It comes with set of defaults as defined below TrustAlgorithm = SunX509 keystore type = JKS truststore type = JKS protocol = TLS ssl3 Enabled = true tls Enabled= true It also picks up the value of keystore, keystore password, truststore , trustore password from system properties. Usage : This class can be used in any enviroment , where one wants to pass in SSL defaults programatically as well as use a default set of configuration without setting in values explicitly.
Author:
prasads@dev.java.net

  • Constructor Details

    • SSLParams

      public SSLParams(File truststore, String trustStorePwd, String trustStoreType)

    • SSLParams

      public SSLParams()

  • Method Details

    • getTrustStore

      public File getTrustStore()

    • getTrustStorePassword

      public String getTrustStorePassword()

    • getTrustStoreType

      public String getTrustStoreType()

    • getTrustAlgorithm

      public String getTrustAlgorithm()

    • setTrustAlgorithm

      public void setTrustAlgorithm(String algorithm)

    • getEnabledCiphers

      public String[] getEnabledCiphers()

    • setEnabledCiphers

      public void setEnabledCiphers(String[] enabledCiphers)

    • getEnabledProtocols

      public String[] getEnabledProtocols()

    • setEnabledProtocols

      public void setEnabledProtocols(String[] enabledProtocols)

    • getProtocol

      public String getProtocol()

    • setProtocol

      public void setProtocol(String protocol)

    • setTrustMaxCertLength

      public void setTrustMaxCertLength(String maxLength)

    • getCertNickname

      public String getCertNickname()

    • setCertNickname

      public void setCertNickname(String certNickname)

    • getClientAuthEnabled

      public String getClientAuthEnabled()
      Determines whether SSL3 client authentication is performed on every request, independent of ACL-based access control.

    • setClientAuthEnabled

      public void setClientAuthEnabled(String clientAuthEnabled)

    • getClientAuth

      public String getClientAuth()
      Determines if if the engine will request (want) or require (need) client authentication. Valid values: want, need, or left blank

    • setClientAuth

      public void setClientAuth(String clientAuth)

    • getCrlFile

      public String getCrlFile()

    • setCrlFile

      public void setCrlFile(String crlFile)

    • getKeyAlgorithm

      public String getKeyAlgorithm()

    • setKeyAlgorithm

      public void setKeyAlgorithm(String algorithm)

    • getKeyStoreType

      public String getKeyStoreType()
      type of the keystore file

    • setKeyStoreType

      public void setKeyStoreType(String type)

    • getKeyStorePassword

      public String getKeyStorePassword()

    • setKeyStorePassword

      public void setKeyStorePassword(String password)

    • getKeyStore

      public File getKeyStore()

    • setKeyStore

      public void setKeyStore(String location)

    • getSsl2Ciphers

      public String getSsl2Ciphers()
      A comma-separated list of the SSL2 ciphers used, with the prefix + to enable or - to disable, for example +rc4. Allowed values are rc4, rc4export, rc2, rc2export, idea, des, desede3. If no value is specified, all supported ciphers are assumed to be enabled. NOT Used in PE

    • setSsl2Ciphers

      public void setSsl2Ciphers(String ssl2Ciphers)

    • getSsl2Enabled

      public Boolean getSsl2Enabled()
      Determines whether SSL2 is enabled. NOT Used in PE. SSL2 is not supported by either iiop or web-services. When this element is used as a child of the iiop-listener element then the only allowed value for this attribute is "false".

    • setSsl2Enabled

      public void setSsl2Enabled(String ssl2Enabled)

    • getSsl3Enabled

      public Boolean getSsl3Enabled()
      Determines whether SSL3 is enabled. If both SSL2 and SSL3 are enabled for a virtual server, the server tries SSL3 encryption first. If that fails, the server tries SSL2 encryption.

    • setSsl3Enabled

      public void setSsl3Enabled(String ssl3Enabled)

    • getSsl3TlsCiphers

      public String getSsl3TlsCiphers()
      A comma-separated list of the SSL3 ciphers used, with the prefix + to enable or - to disable, for example +SSL_RSA_WITH_RC4_128_MD5. Allowed SSL3/TLS values are those that are supported by the JVM for the given security provider and security service configuration. If no value is specified, all supported ciphers are assumed to be enabled.

    • setSsl3TlsCiphers

      public void setSsl3TlsCiphers(String ssl3TlsCiphers)

    • getTlsEnabled

      public Boolean getTlsEnabled()
      Determines whether TLS is enabled.

    • getTls11Enabled

      public Boolean getTls11Enabled()

    • getTls12Enabled

      public Boolean getTls12Enabled()

    • getTls13Enabled

      public Boolean getTls13Enabled()

    • setTlsEnabled

      public void setTlsEnabled(String tlsEnabled)

    • setTls11Enabled

      public void setTls11Enabled(String tls11Enabled)

    • setTls12Enabled

      public void setTls12Enabled(String tls12Enabled)

    • setTls13Enabled

      public void setTls13Enabled(String tls13Enabled)

    • getTlsRollbackEnabled

      public Boolean getTlsRollbackEnabled()
      Determines whether TLS rollback is enabled. TLS rollback should be enabled for Microsoft Internet Explorer 5.0 and 5.5. NOT Used in PE

    • setTlsRollbackEnabled

      public void setTlsRollbackEnabled(String tlsRollBackEnabled)