public class JdkSslContext extends SslContext
SslContext which uses JDK's SSL/TLS implementation.| 构造器和说明 |
|---|
JdkSslContext(javax.net.ssl.SSLContext sslContext,
boolean isClient,
ClientAuth clientAuth)
|
JdkSslContext(javax.net.ssl.SSLContext sslContext,
boolean isClient,
java.lang.Iterable<java.lang.String> ciphers,
CipherSuiteFilter cipherFilter,
ApplicationProtocolConfig apn,
ClientAuth clientAuth)
|
JdkSslContext(javax.net.ssl.SSLContext sslContext,
boolean isClient,
java.lang.Iterable<java.lang.String> ciphers,
CipherSuiteFilter cipherFilter,
ApplicationProtocolConfig apn,
ClientAuth clientAuth,
java.lang.String[] protocols,
boolean startTls)
Creates a new
JdkSslContext from a pre-configured SSLContext. |
| 限定符和类型 | 方法和说明 |
|---|---|
JdkApplicationProtocolNegotiator |
applicationProtocolNegotiator()
Returns the object responsible for negotiating application layer protocols for the TLS NPN/ALPN extensions.
|
protected static javax.net.ssl.KeyManagerFactory |
buildKeyManagerFactory(java.io.File certChainFile,
java.io.File keyFile,
java.lang.String keyPassword,
javax.net.ssl.KeyManagerFactory kmf)
已过时。
will be removed.
|
protected static javax.net.ssl.KeyManagerFactory |
buildKeyManagerFactory(java.io.File certChainFile,
java.lang.String keyAlgorithm,
java.io.File keyFile,
java.lang.String keyPassword,
javax.net.ssl.KeyManagerFactory kmf)
已过时。
will be removed.
|
java.util.List<java.lang.String> |
cipherSuites()
Returns the list of enabled cipher suites, in the order of preference.
|
javax.net.ssl.SSLContext |
context()
Returns the JDK
SSLContext object held by this context. |
boolean |
isClient()
Returns the
true if and only if this context is for client-side. |
javax.net.ssl.SSLEngine |
newEngine(ByteBufAllocator alloc)
Creates a new
SSLEngine. |
javax.net.ssl.SSLEngine |
newEngine(ByteBufAllocator alloc,
java.lang.String peerHost,
int peerPort)
Creates a new
SSLEngine using advisory peer information. |
javax.net.ssl.SSLSessionContext |
sessionContext()
Returns the JDK
SSLSessionContext object held by this context. |
attributes, buildKeyManagerFactory, buildKeyStore, buildTrustManagerFactory, buildTrustManagerFactory, buildTrustManagerFactory, defaultClientProvider, defaultServerProvider, generateKeySpec, isServer, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newHandler, newHandler, newHandler, newHandler, newHandler, newHandler, newHandler, newHandler, newServerContext, newServerContext, newServerContext, newServerContext, newServerContext, newServerContext, newServerContext, newServerContext, newServerContext, newServerContext, nextProtocols, sessionCacheSize, sessionTimeout, toPrivateKey, toPrivateKey, toX509Certificates, toX509Certificates@Deprecated
public JdkSslContext(javax.net.ssl.SSLContext sslContext,
boolean isClient,
ClientAuth clientAuth)
JdkSslContext from a pre-configured SSLContext.sslContext - the SSLContext to use.isClient - true if this context should create SSLEngines for client-side usage.clientAuth - the ClientAuth to use. This will only be used when is false.@Deprecated
public JdkSslContext(javax.net.ssl.SSLContext sslContext,
boolean isClient,
java.lang.Iterable<java.lang.String> ciphers,
CipherSuiteFilter cipherFilter,
ApplicationProtocolConfig apn,
ClientAuth clientAuth)
JdkSslContext from a pre-configured SSLContext.sslContext - the SSLContext to use.isClient - true if this context should create SSLEngines for client-side usage.ciphers - the ciphers to use or null if the standard should be used.cipherFilter - the filter to use.apn - the ApplicationProtocolConfig to use.clientAuth - the ClientAuth to use. This will only be used when is false.public JdkSslContext(javax.net.ssl.SSLContext sslContext,
boolean isClient,
java.lang.Iterable<java.lang.String> ciphers,
CipherSuiteFilter cipherFilter,
ApplicationProtocolConfig apn,
ClientAuth clientAuth,
java.lang.String[] protocols,
boolean startTls)
JdkSslContext from a pre-configured SSLContext.sslContext - the SSLContext to use.isClient - true if this context should create SSLEngines for client-side usage.ciphers - the ciphers to use or null if the standard should be used.cipherFilter - the filter to use.apn - the ApplicationProtocolConfig to use.clientAuth - the ClientAuth to use. This will only be used when is false.protocols - the protocols to enable, or null to enable the default protocols.startTls - true if the first write request shouldn't be encryptedpublic final javax.net.ssl.SSLContext context()
SSLContext object held by this context.public final boolean isClient()
SslContexttrue if and only if this context is for client-side.isClient 在类中 SslContextpublic final javax.net.ssl.SSLSessionContext sessionContext()
SSLSessionContext object held by this context.sessionContext 在类中 SslContextpublic final java.util.List<java.lang.String> cipherSuites()
SslContextcipherSuites 在类中 SslContextpublic final javax.net.ssl.SSLEngine newEngine(ByteBufAllocator alloc)
SslContextSSLEngine.
If SslProvider.OPENSSL_REFCNT is used then the object must be released. One way to do this is to
wrap in a SslHandler and insert it into a pipeline. See SslContext.newHandler(ByteBufAllocator).
newEngine 在类中 SslContextSSLEnginepublic final javax.net.ssl.SSLEngine newEngine(ByteBufAllocator alloc, java.lang.String peerHost, int peerPort)
SslContextSSLEngine using advisory peer information.
If SslProvider.OPENSSL_REFCNT is used then the object must be released. One way to do this is to
wrap in a SslHandler and insert it into a pipeline.
See SslContext.newHandler(ByteBufAllocator, String, int).
newEngine 在类中 SslContextpeerHost - the non-authoritative name of the hostpeerPort - the non-authoritative portSSLEnginepublic final JdkApplicationProtocolNegotiator applicationProtocolNegotiator()
SslContextapplicationProtocolNegotiator 在类中 SslContext@Deprecated
protected static javax.net.ssl.KeyManagerFactory buildKeyManagerFactory(java.io.File certChainFile,
java.io.File keyFile,
java.lang.String keyPassword,
javax.net.ssl.KeyManagerFactory kmf)
throws java.security.UnrecoverableKeyException,
java.security.KeyStoreException,
java.security.NoSuchAlgorithmException,
javax.crypto.NoSuchPaddingException,
java.security.spec.InvalidKeySpecException,
java.security.InvalidAlgorithmParameterException,
java.security.cert.CertificateException,
java.security.KeyException,
java.io.IOException
KeyManagerFactory based upon a key file, key file password, and a certificate chain.certChainFile - an X.509 certificate chain file in PEM formatkeyFile - a PKCS#8 private key file in PEM formatkeyPassword - the password of the keyFile.
null if it's not password-protected.kmf - The existing KeyManagerFactory that will be used if not nullKeyManagerFactory based upon a key file, key file password, and a certificate chain.java.security.UnrecoverableKeyExceptionjava.security.KeyStoreExceptionjava.security.NoSuchAlgorithmExceptionjavax.crypto.NoSuchPaddingExceptionjava.security.spec.InvalidKeySpecExceptionjava.security.InvalidAlgorithmParameterExceptionjava.security.cert.CertificateExceptionjava.security.KeyExceptionjava.io.IOException@Deprecated
protected static javax.net.ssl.KeyManagerFactory buildKeyManagerFactory(java.io.File certChainFile,
java.lang.String keyAlgorithm,
java.io.File keyFile,
java.lang.String keyPassword,
javax.net.ssl.KeyManagerFactory kmf)
throws java.security.KeyStoreException,
java.security.NoSuchAlgorithmException,
javax.crypto.NoSuchPaddingException,
java.security.spec.InvalidKeySpecException,
java.security.InvalidAlgorithmParameterException,
java.io.IOException,
java.security.cert.CertificateException,
java.security.KeyException,
java.security.UnrecoverableKeyException
KeyManagerFactory based upon a key algorithm, key file, key file password,
and a certificate chain.certChainFile - an buildKeyManagerFactory X.509 certificate chain file in PEM formatkeyAlgorithm - the standard name of the requested algorithm. See the Java Secure Socket Extension
Reference Guide for information about standard algorithm names.keyFile - a PKCS#8 private key file in PEM formatkeyPassword - the password of the keyFile.
null if it's not password-protected.kmf - The existing KeyManagerFactory that will be used if not nullKeyManagerFactory based upon a key algorithm, key file, key file password,
and a certificate chain.java.security.KeyStoreExceptionjava.security.NoSuchAlgorithmExceptionjavax.crypto.NoSuchPaddingExceptionjava.security.spec.InvalidKeySpecExceptionjava.security.InvalidAlgorithmParameterExceptionjava.io.IOExceptionjava.security.cert.CertificateExceptionjava.security.KeyExceptionjava.security.UnrecoverableKeyException