SslManagerService (Eclipse Kura 5.4.0)

```
@ProviderType
public interface SslManagerService
```
The SslManagerService is responsible to manage the configuration of the SSL connections. It provide APIs to manage the trust certificates and the private keys and public certificates and enforces best practices that are not enabled by default in the Java VM. For example, it enables Hostname Verification, disables the legacy SSL-2.0-compatible Client Hello, and disable the Nagle algorithm. Its implementation is configurable exposing the possibility to express the allowed SSL protocols, the allowed cipher suites, and the location of the Trust Store and the Key Store files.

Method Summary

All Methods Instance Methods Abstract Methods Deprecated Methods
Modifier and Type	Method and Description
`void`	`deleteTrustCertificate(java.lang.String alias)` Deprecated.
`javax.net.ssl.SSLContext`	`getSSLContext()` Returns an SSLContext based on the current configuration of the SslManagerService and applying best practices like Hostname Verification and disables the legacy SSL-2.0-compatible Client Hello. If the SslManagerService configuration contains a path to a custom Trust store, then it will be used.
`javax.net.ssl.SSLContext`	`getSSLContext(java.lang.String keyAlias)` Returns an SSLContext based on the current configuration of the SslManagerService and applying best practices like Hostname Verification and disables the legacy SSL-2.0-compatible Client Hello. If the SslManagerService configuration contains a path to a custom Trust store, then it will be used.
`javax.net.ssl.SSLSocketFactory`	`getSSLSocketFactory()` Shorthand for getSSLContext().getSocketFactory().
`javax.net.ssl.SSLSocketFactory`	`getSSLSocketFactory(java.lang.String keyAlias)` Shorthand for getSSLContext(String).getSocketFactory().
`javax.net.ssl.SSLSocketFactory`	`getSSLSocketFactory(java.lang.String protocol, java.lang.String cipherSuites, java.lang.String trustStorePath, java.lang.String keyStorePath, char[] keyStorePassword, java.lang.String keyAlias)` Deprecated. The methods that allow to explicitly specify a keystore should not be used anymore.
`javax.net.ssl.SSLSocketFactory`	`getSSLSocketFactory(java.lang.String protocol, java.lang.String cipherSuites, java.lang.String trustStorePath, java.lang.String keyStorePath, char[] keyStorePassword, java.lang.String keyAlias, boolean hostnameVerification)` Deprecated. The methods that allow to explicitly specify a keystore should not be used anymore.
`java.security.cert.X509Certificate[]`	`getTrustCertificates()` Deprecated.
`void`	`installPrivateKey(java.lang.String alias, java.security.PrivateKey privateKey, char[] password, java.security.cert.Certificate[] publicCerts)` Deprecated.
`void`	`installTrustCertificate(java.lang.String alias, java.security.cert.X509Certificate x509crt)` Deprecated.

- Method Detail
  - getSSLContext
```
javax.net.ssl.SSLContext getSSLContext()
                                throws java.security.GeneralSecurityException,
                                       java.io.IOException
```
    Returns an SSLContext based on the current configuration of the SslManagerService and applying best practices like Hostname Verification and disables the legacy SSL-2.0-compatible Client Hello.
    If the SslManagerService configuration contains a path to a custom Trust store, then it will be used. If not, the Java VM default Trust Store will be used.
    If the SslManagerService configuration contains a path to a custom Key store, then it will be used. If not, no Key store will be specified..
    
    Returns:
    
    the SSLContext
    
    Throws:
    
    java.security.GeneralSecurityException
    
    java.io.IOException
    
    Since:
    
    2.2
  - getSSLContext
```
javax.net.ssl.SSLContext getSSLContext(java.lang.String keyAlias)
                                throws java.security.GeneralSecurityException,
                                       java.io.IOException
```
    Returns an SSLContext based on the current configuration of the SslManagerService and applying best practices like Hostname Verification and disables the legacy SSL-2.0-compatible Client Hello.
    If the SslManagerService configuration contains a path to a custom Trust store, then it will be used. If not, the Java VM default Trust Store will be used.
    If the SslManagerService configuration contains a path to a custom Key store, and such store contains a KeyEntry with the alias "keyAlias" then a KeyStore with the only such KeyEntry will be used. If no custom store is configured or it does not contain the "keyAlias" specified, no Key store will be specified..
    
    Parameters:
    
    keyAlias - alias of the entry in the KeyStore to be used for the returned SSLSocketFactory
    
    Returns:
    
    the SSLContext
    
    Throws:
    
    java.security.GeneralSecurityException
    
    java.io.IOException
    
    Since:
    
    2.2
  - getSSLSocketFactory
```
javax.net.ssl.SSLSocketFactory getSSLSocketFactory()
                                            throws java.security.GeneralSecurityException,
                                                   java.io.IOException
```
    Shorthand for getSSLContext().getSocketFactory().
    
    Returns:
    
    the SSLSocketFactory
    
    Throws:
    
    java.security.GeneralSecurityException
    
    java.io.IOException
  - getSSLSocketFactory
```
javax.net.ssl.SSLSocketFactory getSSLSocketFactory(java.lang.String keyAlias)
                                            throws java.security.GeneralSecurityException,
                                                   java.io.IOException
```
    Shorthand for getSSLContext(String).getSocketFactory().
    
    Parameters:
    
    keyAlias - alias of the entry in the KeyStore to be used for the returned SSLSocketFactory
    
    Returns:
    
    the SSLSocketFactory
    
    Throws:
    
    java.security.GeneralSecurityException
    
    java.io.IOException
  - getSSLSocketFactory
```
@Deprecated
javax.net.ssl.SSLSocketFactory getSSLSocketFactory(java.lang.String protocol,
                                                               java.lang.String cipherSuites,
                                                               java.lang.String trustStorePath,
                                                               java.lang.String keyStorePath,
                                                               char[] keyStorePassword,
                                                               java.lang.String keyAlias)
                                                        throws java.security.GeneralSecurityException,
                                                               java.io.IOException
```
    Deprecated. The methods that allow to explicitly specify a keystore should not be used anymore.
    
    Shorthand for getSSLContext(String, String, String, String, char[], String).getSocketFactory().
    
    Parameters:
    
    protocol - the protocol to use to initialize the SSLContext - e.g. TLSv1.2
    
    cipherSuites - allowed cipher suites for the returned SSLSocketFactory
    
    trustStorePath - Location of the Java keystore file containing the collection of CA certificates trusted by this application process (trust store). Key store type is expected to be JKS.
    
    keyStorePath - Location of the Java keystore file containing an application process's own certificate and private key. Key store type is expected to be JKS.
    
    keyStorePassword - Password to access the private key from the keystore file.
    
    keyAlias - alias of the entry in the KeyStore to be used for the returned SSLSocketFactory
    
    Returns:
    
    the SSLSocketFactory
    
    Throws:
    
    java.security.GeneralSecurityException
    
    java.io.IOException
  - getSSLSocketFactory
```
@Deprecated
javax.net.ssl.SSLSocketFactory getSSLSocketFactory(java.lang.String protocol,
                                                               java.lang.String cipherSuites,
                                                               java.lang.String trustStorePath,
                                                               java.lang.String keyStorePath,
                                                               char[] keyStorePassword,
                                                               java.lang.String keyAlias,
                                                               boolean hostnameVerification)
                                                        throws java.security.GeneralSecurityException,
                                                               java.io.IOException
```
    Deprecated. The methods that allow to explicitly specify a keystore should not be used anymore.
    
    Shorthand for getSSLContext(String, String, String, String, char[], String, boolean).getSocketFactory().
    
    Parameters:
    
    protocol - the protocol to use to initialize the SSLContext - e.g. TLSv1.2
    
    cipherSuites - allowed cipher suites for the returned SSLSocketFactory
    
    trustStorePath - Location of the Java keystore file containing the collection of CA certificates trusted by this application process (trust store). Key store type is expected to be JKS.
    
    keyStorePath - Location of the Java keystore file containing an application process's own certificate and private key. Key store type is expected to be JKS.
    
    keyStorePassword - Password to access the private key from the keystore file.
    
    keyAlias - alias of the entry in the KeyStore to be used for the returned SSLSocketFactory
    
    hostnameVerification - enable server Hostname Verification
    
    Returns:
    
    the SSLSocketFactory
    
    Throws:
    
    java.security.GeneralSecurityException
    
    java.io.IOException
  - getTrustCertificates
```
@Deprecated
java.security.cert.X509Certificate[] getTrustCertificates()
                                                               throws java.security.GeneralSecurityException,
                                                                      java.io.IOException
```
    Deprecated.
    
    Returns the X509 Certificates installed in the currently configured trust store. If the SslManagerService configuration contains a path to a custom trust store, then the returned certificates are the ones installed in such store. Otherwise the default Java VM trust store will be listed.
    
    Returns:
    
    the X509Certificates
    
    Throws:
    
    java.security.GeneralSecurityException
    
    java.io.IOException
  - installTrustCertificate
```
@Deprecated
void installTrustCertificate(java.lang.String alias,
                                         java.security.cert.X509Certificate x509crt)
                                  throws java.security.GeneralSecurityException,
                                         java.io.IOException
```
    Deprecated.
    
    Installs the specified X509 certificate in the currently configured trust store. If the SslManagerService configuration contains a path to a custom trust store, then the certificate will be installed in such store. Otherwise the certificate will be installed in the default Java VM trust store.
    
    Parameters:
    
    x509crt - certificate to be installed
    
    Throws:
    
    java.security.GeneralSecurityException
    
    java.io.IOException
  - deleteTrustCertificate
```
@Deprecated
void deleteTrustCertificate(java.lang.String alias)
                                 throws java.security.GeneralSecurityException,
                                        java.io.IOException
```
    Deprecated.
    
    Deletes the X509 certificate with the specified Common Name (cn) from the currently configured trust store. If the SslManagerService configuration contains a path to a custom trust store, then the certificate will be deleted from such store. Otherwise the certificate will be deleted from the default Java VM trust store.
    
    Parameters:
    
    alias -
    
    Throws:
    
    java.security.GeneralSecurityException
    
    java.io.IOException
  - installPrivateKey
```
@Deprecated
void installPrivateKey(java.lang.String alias,
                                   java.security.PrivateKey privateKey,
                                   char[] password,
                                   java.security.cert.Certificate[] publicCerts)
                            throws java.security.GeneralSecurityException,
                                   java.io.IOException
```
    Deprecated.
    
    Installs a private key and the correspondent public certificate chains in the configured key store with the defined alias.
    
    Parameters:
    
    alias - that is a string that will be used to identify the certificates in the key store
    
    privateKey - that represents PrivateKey object
    
    password - that represents the password used to encode the keys in the key store
    
    publicCerts - that represents an array of Certificate objects that contain the public certificate chain
    
    Throws:
    
    java.security.GeneralSecurityException
    
    java.io.IOException

Interface SslManagerService

Method Summary

Method Detail

getSSLContext

getSSLContext

getSSLSocketFactory

getSSLSocketFactory

getSSLSocketFactory

getSSLSocketFactory

getTrustCertificates

installTrustCertificate

deleteTrustCertificate

installPrivateKey