public final class SSLContext extends Object
| Constructor and Description | 
|---|
| SSLContext() | 
| Modifier and Type | Method and Description | 
|---|---|
| static void | clearOptions(long ctx,
            int options)Clears OpenSSL Options. | 
| static int | free(long ctx)Free the resources used by the Context | 
| static long | make(long pool,
    int protocol,
    int mode)Create a new SSL context. | 
| static void | setBIO(long ctx,
      long bio,
      int dir)Associate BIOCallback for input or output data capture. | 
| static boolean | setCACertificate(long ctx,
                String file,
                String path)Set File and Directory of concatenated PEM-encoded CA Certificates
 for Client Auth
  This directive sets the all-in-one file where you can assemble the Certificates of Certification Authorities (CA) whose clients you deal with. | 
| static boolean | setCARevocation(long ctx,
               String file,
               String path)Set File of concatenated PEM-encoded CA CRLs or
 directory of PEM-encoded CA Certificates for Client Auth
  This directive sets the all-in-one file where you can assemble the Certificate Revocation Lists (CRL) of Certification Authorities (CA) whose clients you deal with. | 
| static boolean | setCertificate(long ctx,
              String cert,
              String key,
              String password,
              int idx)Set Certificate
  Point setCertificateFile at a PEM encoded certificate. | 
| static boolean | setCertificateChainFile(long ctx,
                       String file,
                       boolean skipfirst)Set File of PEM-encoded Server CA Certificates
  This directive sets the optional all-in-one file where you can assemble the certificates of Certification Authorities (CA) which form the certificate chain of the server certificate. | 
| static boolean | setCipherSuite(long ctx,
              String ciphers)Cipher Suite available for negotiation in SSL handshake. | 
| static void | setContextId(long ctx,
            String id)Set Session context id. | 
| static void | setOptions(long ctx,
          int options)Set OpenSSL Option. | 
| static void | setQuietShutdown(long ctx,
                boolean mode)Sets the "quiet shutdown" flag for ctx to be
 mode. | 
| static void | setRandom(long ctx,
         String file)Set file for randomness | 
| static void | setShutdownType(long ctx,
               int type)Set SSL connection shutdown type
  The following levels are available for level: SSL_SHUTDOWN_TYPE_STANDARD SSL_SHUTDOWN_TYPE_UNCLEAN SSL_SHUTDOWN_TYPE_ACCURATE | 
| static void | setVerify(long ctx,
         int level,
         int depth)Set Type of Client Certificate verification and Maximum depth of CA Certificates
 in Client Certificate verification. | 
public static long make(long pool,
        int protocol,
        int mode)
                 throws Exception
pool - The pool to use.protocol - The SSL protocol to use. It can be any combination of
 the following:
 SSL.SSL_PROTOCOL_SSLV2SSL.SSL_PROTOCOL_SSLV3SSL.SSL_PROTOCOL_TLSV1SSL.SSL_PROTOCOL_TLSV1_1SSL.SSL_PROTOCOL_TLSV1_2SSL.SSL_PROTOCOL_TLSV1_3SSL.SSL_PROTOCOL_ALL( == all TLS versions, no SSL)
mode - SSL mode to use
 SSL_MODE_CLIENT SSL_MODE_SERVER SSL_MODE_COMBINED
Exception - If the SSL Context could not be createdpublic static int free(long ctx)
ctx - Server or Client context to free.public static void setContextId(long ctx,
                String id)
ctx - Context to use.id - String that uniquely identifies this context.public static void setBIO(long ctx,
          long bio,
          int dir)
[ERROR] -- Critical error messages [WARN] -- Warning messages [INFO] -- Informational messages [DEBUG] -- Debugging messagedCallback can use that word to determine application logging level by intercepting write call. If the bio is set to 0 no error messages will be displayed. Default is to use the stderr output stream.
ctx - Server or Client context to use.bio - BIO handle to use, created with SSL.newBIOdir - BIO direction (1 for input 0 for output).public static void setOptions(long ctx,
              int options)
ctx - Server or Client context to use.options - See SSL.SSL_OP_* for option flags.public static void clearOptions(long ctx,
                int options)
ctx - Server or Client context to use.options - See SSL.SSL_OP_* for option flags.public static void setQuietShutdown(long ctx,
                    boolean mode)
ctx - Server or Client context to use.mode - True to set the quiet shutdown.public static boolean setCipherSuite(long ctx,
                     String ciphers)
                              throws Exception
ctx - Server or Client context to use.ciphers - An OpenSSL cipher specification.true if the operation was successfulException - An error occurredpublic static boolean setCARevocation(long ctx,
                      String file,
                      String path)
                               throws Exception
ctx - Server or Client context to use.file - File of concatenated PEM-encoded CA CRLs for Client Auth.path - Directory of PEM-encoded CA Certificates for Client Auth.true if the operation was successfulException - An error occurredpublic static boolean setCertificateChainFile(long ctx,
                              String file,
                              boolean skipfirst)
ctx - Server or Client context to use.file - File of PEM-encoded Server CA Certificates.skipfirst - Skip first certificate if chain file is inside
                  certificate file.true if the operation was successfulpublic static boolean setCertificate(long ctx,
                     String cert,
                     String key,
                     String password,
                     int idx)
                              throws Exception
ctx - Server or Client context to use.cert - Certificate file.key - Private Key file to use if not in cert.password - Certificate password. If null and certificate
                 is encrypted, password prompt will be displayed.idx - Certificate index SSL_AIDX_RSA or SSL_AIDX_DSA.true if the operation was successfulException - An error occurredpublic static boolean setCACertificate(long ctx,
                       String file,
                       String path)
                                throws Exception
ctx - Server or Client context to use.file - File of concatenated PEM-encoded CA Certificates for
             Client Auth.path - Directory of PEM-encoded CA Certificates for Client Auth.true if the operation was successfulException - An error occurredpublic static void setRandom(long ctx,
             String file)
ctx - Server or Client context to use.file - random file.public static void setShutdownType(long ctx,
                   int type)
SSL_SHUTDOWN_TYPE_STANDARD SSL_SHUTDOWN_TYPE_UNCLEAN SSL_SHUTDOWN_TYPE_ACCURATE
ctx - Server or Client context to use.type - Shutdown type to use.public static void setVerify(long ctx,
             int level,
             int depth)
 SSL_CVERIFY_NONE           - No client Certificate is required at all
 SSL_CVERIFY_OPTIONAL       - The client may present a valid Certificate
 SSL_CVERIFY_REQUIRE        - The client has to present a valid Certificate
 SSL_CVERIFY_OPTIONAL_NO_CA - The client may present a valid Certificate
                              but it need not to be (successfully) verifiable
 
 setCACertificatePath), etc.ctx - Server or Client context to use.level - Type of Client Certificate verification.depth - Maximum depth of CA Certificates in Client Certificate
              verification.Copyright © 2000-2020 Apache Software Foundation. All Rights Reserved.