Package tigase.io

Class SSLContextContainer

    • Constructor Detail

      • SSLContextContainer

        public SSLContextContainer()
        Constructor for bean only

      • SSLContextContainer

        public SSLContextContainer​(CertificateContainerIfc certContainer)
        Constructor used to create root SSLContextContainer instance which should cache only SSLContext instances where array of TrustManagers is not set - common for all ConnectionManagers. This instance is kept by TLSUtil class.

      • SSLContextContainer

        public SSLContextContainer​(CertificateContainerIfc certContainer,
                           SSLContextContainerIfc parent)
        Constructor used to create instances for every ConnectionManager so that every connection manager can have different TrustManagers and SSLContext instance will still be cached.

    • Method Detail

      • createIoInterface

        public IOInterface createIoInterface​(java.lang.String protocol,
                                     java.lang.String local_hostname,
                                     java.lang.String remote_hostname,
                                     int port,
                                     boolean clientMode,
                                     boolean wantClientAuth,
                                     boolean needClientAuth,
                                     java.nio.ByteOrder byteOrder,
                                     javax.net.ssl.TrustManager[] x509TrustManagers,
                                     TLSEventHandler eventHandler,
                                     IOInterface socketIO,
                                     CertificateContainerIfc certificateContainer)
                              throws java.io.IOException
        Specified by:
        createIoInterface in interface SSLContextContainerIfc
        Throws:
        java.io.IOException

      • setEnabledCiphers

        public void setEnabledCiphers​(java.lang.String[] enabledCiphers)

      • setEnabledProtocols

        public void setEnabledProtocols​(java.lang.String[] enabledProtocols)

      • setEphemeralDHKeySize

        public void setEphemeralDHKeySize​(int ephemeralDHKeySize)

      • getSSLContext

        public javax.net.ssl.SSLContext getSSLContext​(java.lang.String protocol,
                                              java.lang.String hostname,
                                              boolean clientMode,
                                              javax.net.ssl.TrustManager[] tms)
        Description copied from interface: SSLContextContainerIfc
        Method getSSLContext creates and returns new SSLContext for a given domain (hostname). For creation of the SSLContext a certificate associated with this domain (hostname) should be used. If there is no specific certificate for a given domain then default certificate should be used.
        Specified by:
        getSSLContext in interface SSLContextContainerIfc
        Parameters:
        protocol - a String is either 'SSL' or 'TLS' value.
        hostname - a String value keeps a hostname or domain for SSLContext.
        clientMode - if set SSLContext will be created for client mode (ie. creation of server certificate will be skipped if there is no certificate)
        tms - array of TrustManagers which should be used to validate remote certificate
        Returns:
        a SSLContext value

      • setTlsJdkNssBugWorkaround

        public void setTlsJdkNssBugWorkaround​(boolean value)

      • initialize

        public void initialize()
        Description copied from interface: Initializable
        Method will be called, when bean will be created, configured and ready to use.
        Specified by:
        initialize in interface Initializable

      • start

        public void start()
        Specified by:
        start in interface Lifecycle

      • stop

        public void stop()
        Specified by:
        stop in interface Lifecycle