public class JdkSslContext extends SslContext
SslContext
which uses JDK's SSL/TLS implementation.构造器和说明 |
---|
JdkSslContext(javax.net.ssl.SSLContext sslContext,
boolean isClient,
ClientAuth clientAuth)
|
JdkSslContext(javax.net.ssl.SSLContext sslContext,
boolean isClient,
java.lang.Iterable<java.lang.String> ciphers,
CipherSuiteFilter cipherFilter,
ApplicationProtocolConfig apn,
ClientAuth clientAuth)
|
JdkSslContext(javax.net.ssl.SSLContext sslContext,
boolean isClient,
java.lang.Iterable<java.lang.String> ciphers,
CipherSuiteFilter cipherFilter,
ApplicationProtocolConfig apn,
ClientAuth clientAuth,
java.lang.String[] protocols,
boolean startTls)
Creates a new
JdkSslContext from a pre-configured SSLContext . |
限定符和类型 | 方法和说明 |
---|---|
JdkApplicationProtocolNegotiator |
applicationProtocolNegotiator()
Returns the object responsible for negotiating application layer protocols for the TLS NPN/ALPN extensions.
|
protected static javax.net.ssl.KeyManagerFactory |
buildKeyManagerFactory(java.io.File certChainFile,
java.io.File keyFile,
java.lang.String keyPassword,
javax.net.ssl.KeyManagerFactory kmf)
已过时。
will be removed.
|
protected static javax.net.ssl.KeyManagerFactory |
buildKeyManagerFactory(java.io.File certChainFile,
java.lang.String keyAlgorithm,
java.io.File keyFile,
java.lang.String keyPassword,
javax.net.ssl.KeyManagerFactory kmf)
已过时。
will be removed.
|
java.util.List<java.lang.String> |
cipherSuites()
Returns the list of enabled cipher suites, in the order of preference.
|
javax.net.ssl.SSLContext |
context()
Returns the JDK
SSLContext object held by this context. |
boolean |
isClient()
Returns the
true if and only if this context is for client-side. |
javax.net.ssl.SSLEngine |
newEngine(ByteBufAllocator alloc)
Creates a new
SSLEngine . |
javax.net.ssl.SSLEngine |
newEngine(ByteBufAllocator alloc,
java.lang.String peerHost,
int peerPort)
Creates a new
SSLEngine using advisory peer information. |
javax.net.ssl.SSLSessionContext |
sessionContext()
Returns the JDK
SSLSessionContext object held by this context. |
attributes, buildKeyManagerFactory, buildKeyStore, buildTrustManagerFactory, buildTrustManagerFactory, buildTrustManagerFactory, defaultClientProvider, defaultServerProvider, generateKeySpec, isServer, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newHandler, newHandler, newHandler, newHandler, newHandler, newHandler, newHandler, newHandler, newServerContext, newServerContext, newServerContext, newServerContext, newServerContext, newServerContext, newServerContext, newServerContext, newServerContext, newServerContext, nextProtocols, sessionCacheSize, sessionTimeout, toPrivateKey, toPrivateKey, toX509Certificates, toX509Certificates
@Deprecated public JdkSslContext(javax.net.ssl.SSLContext sslContext, boolean isClient, ClientAuth clientAuth)
JdkSslContext
from a pre-configured SSLContext
.sslContext
- the SSLContext
to use.isClient
- true
if this context should create SSLEngine
s for client-side usage.clientAuth
- the ClientAuth
to use. This will only be used when is false
.@Deprecated public JdkSslContext(javax.net.ssl.SSLContext sslContext, boolean isClient, java.lang.Iterable<java.lang.String> ciphers, CipherSuiteFilter cipherFilter, ApplicationProtocolConfig apn, ClientAuth clientAuth)
JdkSslContext
from a pre-configured SSLContext
.sslContext
- the SSLContext
to use.isClient
- true
if this context should create SSLEngine
s for client-side usage.ciphers
- the ciphers to use or null
if the standard should be used.cipherFilter
- the filter to use.apn
- the ApplicationProtocolConfig
to use.clientAuth
- the ClientAuth
to use. This will only be used when is false
.public JdkSslContext(javax.net.ssl.SSLContext sslContext, boolean isClient, java.lang.Iterable<java.lang.String> ciphers, CipherSuiteFilter cipherFilter, ApplicationProtocolConfig apn, ClientAuth clientAuth, java.lang.String[] protocols, boolean startTls)
JdkSslContext
from a pre-configured SSLContext
.sslContext
- the SSLContext
to use.isClient
- true
if this context should create SSLEngine
s for client-side usage.ciphers
- the ciphers to use or null
if the standard should be used.cipherFilter
- the filter to use.apn
- the ApplicationProtocolConfig
to use.clientAuth
- the ClientAuth
to use. This will only be used when is false
.protocols
- the protocols to enable, or null
to enable the default protocols.startTls
- true
if the first write request shouldn't be encryptedpublic final javax.net.ssl.SSLContext context()
SSLContext
object held by this context.public final boolean isClient()
SslContext
true
if and only if this context is for client-side.isClient
在类中 SslContext
public final javax.net.ssl.SSLSessionContext sessionContext()
SSLSessionContext
object held by this context.sessionContext
在类中 SslContext
public final java.util.List<java.lang.String> cipherSuites()
SslContext
cipherSuites
在类中 SslContext
public final javax.net.ssl.SSLEngine newEngine(ByteBufAllocator alloc)
SslContext
SSLEngine
.
If SslProvider.OPENSSL_REFCNT
is used then the object must be released. One way to do this is to
wrap in a SslHandler
and insert it into a pipeline. See SslContext.newHandler(ByteBufAllocator)
.
newEngine
在类中 SslContext
SSLEngine
public final javax.net.ssl.SSLEngine newEngine(ByteBufAllocator alloc, java.lang.String peerHost, int peerPort)
SslContext
SSLEngine
using advisory peer information.
If SslProvider.OPENSSL_REFCNT
is used then the object must be released. One way to do this is to
wrap in a SslHandler
and insert it into a pipeline.
See SslContext.newHandler(ByteBufAllocator, String, int)
.
newEngine
在类中 SslContext
peerHost
- the non-authoritative name of the hostpeerPort
- the non-authoritative portSSLEngine
public final JdkApplicationProtocolNegotiator applicationProtocolNegotiator()
SslContext
applicationProtocolNegotiator
在类中 SslContext
@Deprecated protected static javax.net.ssl.KeyManagerFactory buildKeyManagerFactory(java.io.File certChainFile, java.io.File keyFile, java.lang.String keyPassword, javax.net.ssl.KeyManagerFactory kmf) throws java.security.UnrecoverableKeyException, java.security.KeyStoreException, java.security.NoSuchAlgorithmException, javax.crypto.NoSuchPaddingException, java.security.spec.InvalidKeySpecException, java.security.InvalidAlgorithmParameterException, java.security.cert.CertificateException, java.security.KeyException, java.io.IOException
KeyManagerFactory
based upon a key file, key file password, and a certificate chain.certChainFile
- an X.509 certificate chain file in PEM formatkeyFile
- a PKCS#8 private key file in PEM formatkeyPassword
- the password of the keyFile
.
null
if it's not password-protected.kmf
- The existing KeyManagerFactory
that will be used if not null
KeyManagerFactory
based upon a key file, key file password, and a certificate chain.java.security.UnrecoverableKeyException
java.security.KeyStoreException
java.security.NoSuchAlgorithmException
javax.crypto.NoSuchPaddingException
java.security.spec.InvalidKeySpecException
java.security.InvalidAlgorithmParameterException
java.security.cert.CertificateException
java.security.KeyException
java.io.IOException
@Deprecated protected static javax.net.ssl.KeyManagerFactory buildKeyManagerFactory(java.io.File certChainFile, java.lang.String keyAlgorithm, java.io.File keyFile, java.lang.String keyPassword, javax.net.ssl.KeyManagerFactory kmf) throws java.security.KeyStoreException, java.security.NoSuchAlgorithmException, javax.crypto.NoSuchPaddingException, java.security.spec.InvalidKeySpecException, java.security.InvalidAlgorithmParameterException, java.io.IOException, java.security.cert.CertificateException, java.security.KeyException, java.security.UnrecoverableKeyException
KeyManagerFactory
based upon a key algorithm, key file, key file password,
and a certificate chain.certChainFile
- an buildKeyManagerFactory X.509 certificate chain file in PEM formatkeyAlgorithm
- the standard name of the requested algorithm. See the Java Secure Socket Extension
Reference Guide for information about standard algorithm names.keyFile
- a PKCS#8 private key file in PEM formatkeyPassword
- the password of the keyFile
.
null
if it's not password-protected.kmf
- The existing KeyManagerFactory
that will be used if not null
KeyManagerFactory
based upon a key algorithm, key file, key file password,
and a certificate chain.java.security.KeyStoreException
java.security.NoSuchAlgorithmException
javax.crypto.NoSuchPaddingException
java.security.spec.InvalidKeySpecException
java.security.InvalidAlgorithmParameterException
java.io.IOException
java.security.cert.CertificateException
java.security.KeyException
java.security.UnrecoverableKeyException