@ProviderType
public interface SslManagerService
Modifier and Type | Method and Description |
---|---|
void |
deleteTrustCertificate(java.lang.String alias)
Deletes the X509 certificate with the specified Common Name (cn) from the currently configured trust store.
|
SslManagerServiceOptions |
getConfigurationOptions()
Returns the SSL service configuration.
|
javax.net.ssl.SSLSocketFactory |
getSSLSocketFactory()
Returns an SSLSocketFactory based on the current configuration of the SslManagerService and applying
best practices like Hostname Verification and disables the legacy SSL-2.0-compatible Client Hello.
If the SslManagerService configuration contains a path to a custom Trust store, then it will be used. |
javax.net.ssl.SSLSocketFactory |
getSSLSocketFactory(java.lang.String keyAlias)
Returns an SSLSocketFactory based on the current configuration of the SslManagerService and applying
best practices like Hostname Verification and disables the legacy SSL-2.0-compatible Client Hello.
If the SslManagerService configuration contains a path to a custom Trust store, then it will be used. |
javax.net.ssl.SSLSocketFactory |
getSSLSocketFactory(java.lang.String protocol,
java.lang.String cipherSuites,
java.lang.String trustStorePath,
java.lang.String keyStorePath,
char[] keyStorePassword,
java.lang.String keyAlias)
Returns an SSLSocketFactory based on the specified parameters and applying best practices
like Hostname Verification (enabled by default) and disables the legacy SSL-2.0-compatible Client Hello.
|
javax.net.ssl.SSLSocketFactory |
getSSLSocketFactory(java.lang.String protocol,
java.lang.String cipherSuites,
java.lang.String trustStorePath,
java.lang.String keyStorePath,
char[] keyStorePassword,
java.lang.String keyAlias,
boolean hostnameVerification)
Returns an SSLSocketFactory based on the specified parameters and applying best practices
like Hostname Verification and disables the legacy SSL-2.0-compatible Client Hello.
|
java.security.cert.X509Certificate[] |
getTrustCertificates()
Returns the X509 Certificates installed in the currently configured trust store.
|
void |
installPrivateKey(java.lang.String alias,
java.security.PrivateKey privateKey,
char[] password,
java.security.cert.Certificate[] publicCerts)
Installs a private key and the correspondent public certificate chains in the configured key store with the
defined alias.
|
void |
installTrustCertificate(java.lang.String alias,
java.security.cert.X509Certificate x509crt)
Installs the specified X509 certificate in the currently configured trust store.
|
javax.net.ssl.SSLSocketFactory getSSLSocketFactory() throws java.security.GeneralSecurityException, java.io.IOException
java.security.GeneralSecurityException
java.io.IOException
javax.net.ssl.SSLSocketFactory getSSLSocketFactory(java.lang.String keyAlias) throws java.security.GeneralSecurityException, java.io.IOException
keyAlias
- alias of the entry in the KeyStore to be used for the returned SSLSocketFactoryjava.security.GeneralSecurityException
java.io.IOException
javax.net.ssl.SSLSocketFactory getSSLSocketFactory(java.lang.String protocol, java.lang.String cipherSuites, java.lang.String trustStorePath, java.lang.String keyStorePath, char[] keyStorePassword, java.lang.String keyAlias) throws java.security.GeneralSecurityException, java.io.IOException
protocol
- the protocol to use to initialize the SSLContext - e.g. TLSv1.2cipherSuites
- allowed cipher suites for the returned SSLSocketFactorytrustStorePath
- Location of the Java keystore file containing the collection of CA certificates trusted by this
application process (trust store). Key store type is expected to be JKS.keyStorePath
- Location of the Java keystore file containing an application process's own certificate and private
key. Key store type is expected to be JKS.keyStorePassword
- Password to access the private key from the keystore file.keyAlias
- alias of the entry in the KeyStore to be used for the returned SSLSocketFactoryjava.security.GeneralSecurityException
java.io.IOException
javax.net.ssl.SSLSocketFactory getSSLSocketFactory(java.lang.String protocol, java.lang.String cipherSuites, java.lang.String trustStorePath, java.lang.String keyStorePath, char[] keyStorePassword, java.lang.String keyAlias, boolean hostnameVerification) throws java.security.GeneralSecurityException, java.io.IOException
protocol
- the protocol to use to initialize the SSLContext - e.g. TLSv1.2cipherSuites
- allowed cipher suites for the returned SSLSocketFactorytrustStorePath
- Location of the Java keystore file containing the collection of CA certificates trusted by this
application process (trust store). Key store type is expected to be JKS.keyStorePath
- Location of the Java keystore file containing an application process's own certificate and private
key. Key store type is expected to be JKS.keyStorePassword
- Password to access the private key from the keystore file.keyAlias
- alias of the entry in the KeyStore to be used for the returned SSLSocketFactoryhostnameVerification
- enable server Hostname Verificationjava.security.GeneralSecurityException
java.io.IOException
java.security.cert.X509Certificate[] getTrustCertificates() throws java.security.GeneralSecurityException, java.io.IOException
java.security.GeneralSecurityException
java.io.IOException
void installTrustCertificate(java.lang.String alias, java.security.cert.X509Certificate x509crt) throws java.security.GeneralSecurityException, java.io.IOException
x509crt
- certificate to be installedjava.security.GeneralSecurityException
java.io.IOException
void deleteTrustCertificate(java.lang.String alias) throws java.security.GeneralSecurityException, java.io.IOException
alias
- java.security.GeneralSecurityException
java.io.IOException
void installPrivateKey(java.lang.String alias, java.security.PrivateKey privateKey, char[] password, java.security.cert.Certificate[] publicCerts) throws java.security.GeneralSecurityException, java.io.IOException
alias
- that is a string that will be used to identify the certificates in the key storeprivateKey
- that represents PrivateKey objectpassword
- that represents the password used to encode the keys in the key storepublicCerts
- that represents an array of Certificate objects that contain the public certificate chainjava.security.GeneralSecurityException
java.io.IOException
SslManagerServiceOptions getConfigurationOptions() throws java.security.GeneralSecurityException, java.io.IOException
java.security.GeneralSecurityException
java.io.IOException