Package edu.uiuc.ncsa.security.util.ssl

Class SSLConfiguration

java.lang.Object

edu.uiuc.ncsa.security.util.ssl.SSLKeystoreConfiguration

edu.uiuc.ncsa.security.util.ssl.SSLConfiguration

All Implemented Interfaces:

Serializable

public class SSLConfiguration
extends SSLKeystoreConfiguration

Created by Jeff Gaynor
on Jun 12, 2010 at 9:27:22 AM

See Also:

Serialized Form

Field Summary

Fields inherited from class edu.uiuc.ncsa.security.util.ssl.SSLKeystoreConfiguration

JAVA_DEFAULT_KEYSTORE_PASSWORD, JAVA_DEFAULT_KEYSTORE_PATH, JAVA_DEFAULT_KEYSTORE_TYPE, KEYSTORE_TYPE_JKS, KEYSTORE_TYPE_PKCS12

Constructor Summary

Constructors

Constructor	Description
SSLConfiguration()

Method Summary

Modifier and Type	Method	Description
boolean	equals(Object obj)
String	getTlsVersion()
String	getTrustRootCertDN()	This is used in the trust root manager to check against the certificate DN.
String	getTrustRootPassword()
String	getTrustrootPath()
String	getTrustRootType()
boolean	hasCertDN()
boolean	isStrictHostnames()
boolean	isUseDefaultTrustManager()
void	setStrictHostnames(boolean hostNameVerificationOff)
void	setTlsVersion(String tlsVersion)
void	setTrustRootCertDN(String trustRootCertDN)
void	setTrustRootPassword(String trustRootPassword)
void	setTrustRootPath(String trustRootPath)
void	setTrustRootType(String trustRootType)
void	setUseDefaultTrustManager(boolean useDefaultTrustManager)
String	toString()

Methods inherited from class edu.uiuc.ncsa.security.util.ssl.SSLKeystoreConfiguration

getKeyManagerFactory, getKeystore, getKeystoreBytes, getKeystoreIS, getKeystorePassword, getKeystorePasswordChars, getKeystoreType, isUseDefaultJavaTrustStore, main, setKeyManagerFactory, setKeystore, setKeystoreBytes, setKeystorePassword, setKeystoreType, setUseDefaultJavaTrustStore

Methods inherited from class java.lang.Object

clone, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Detail

SSLConfiguration

public SSLConfiguration()

Method Detail

setTrustRootPath

public void setTrustRootPath(String trustRootPath)

isStrictHostnames

public boolean isStrictHostnames()

setStrictHostnames

public void setStrictHostnames(boolean hostNameVerificationOff)

isUseDefaultTrustManager

public boolean isUseDefaultTrustManager()

setUseDefaultTrustManager

public void setUseDefaultTrustManager(boolean useDefaultTrustManager)

getTrustRootCertDN

public String getTrustRootCertDN()

This is used in the trust root manager to check against the certificate DN. This is useful if there are self-signed certs, since when the TrustManager invokes X509TrustManager.checkServerTrusted(X509Certificate[], String) it invokes checkServerDN to verify that the name on the certificate matches the lookup. Normally you do not have to set this BUT in cases of self-signed certs, it may need to be manually set since the lookup for the hostname (especially localhost) might not work quite as expected without a lot of hacking of the DNS. Most common use case is this is in the client's SSL configuration and is set to "CN=localhost" for a self-signed cert.

Returns:

setTrustRootCertDN

public void setTrustRootCertDN(String trustRootCertDN)

hasCertDN

public boolean hasCertDN()

getTrustRootType

public String getTrustRootType()

setTrustRootType

public void setTrustRootType(String trustRootType)

getTrustRootPassword

public String getTrustRootPassword()

setTrustRootPassword

public void setTrustRootPassword(String trustRootPassword)

getTlsVersion

public String getTlsVersion()

setTlsVersion

public void setTlsVersion(String tlsVersion)

getTrustrootPath

public String getTrustrootPath()

toString

public String toString()

Overrides:

toString in class SSLKeystoreConfiguration

equals

public boolean equals(Object obj)

Overrides:

equals in class SSLKeystoreConfiguration