| Parameter name | *Value type | *Default value | *Description | *
|---|---|---|---|
| disabledCipherSuites | *String | *null | *Whitespace-separated list of disabled cipher suites and/or can be * specified multiple times. It affects the cipher suites manually enabled or * the default ones. | *
| disabledProtocols | *String (see Java Secure Socket Extension (JSSE) reference guide) | *TLS | *Whitespace-separated list of disabled SSL/TLS protocol names and/or can * be specified multiple times. Used when creating SSL sockets and engines. | *
| enabledCipherSuites | *String | *null | *Whitespace-separated list of enabled cipher suites and/or can be * specified multiple times | *
| enabledProtocols | *String (see Java Secure Socket Extension (JSSE) reference guide) | *TLS | *Whitespace-separated list of enabled SSL/TLS protocol names and/or can be * specified multiple times. Used when creating SSL sockets and engines. | *
| keyManagerAlgorithm | *String | *System property "ssl.KeyManagerFactory.algorithm" or "SunX509" | *Certificate algorithm for the key manager. | *
| keyStorePath | *String | *${user.home}/.keystore | *SSL keystore path. | *
| keyStorePassword | *String | *System property "javax.net.ssl.keyStorePassword" | *SSL keystore password. | *
| keyStoreType | *String | *JKS | *SSL keystore type | *
| keyPassword | *String | *System property "javax.net.ssl.keyStorePassword" | *SSL key password. | *
| needClientAuthentication | *boolean | *false | *Indicates if we require client certificate authentication. If set to * 'true', the "wantClientAuthentication" parameter is ignored. | *
| protocol | *String | *TLS (see Java Secure Socket Extension (JSSE) reference guide) | *SSL protocol used when creating the SSLContext. | *
| secureRandomAlgorithm | *String | *null (see java.security.SecureRandom) | *Name of the RNG algorithm. (see java.security.SecureRandom class) | *
| trustManagerAlgorithm | *String | *System property "ssl.TrustManagerFactory.algorithm" or "SunX509" | *Certificate algorithm for the trust manager. | *
| trustStorePassword | *String | *System property "javax.net.ssl.trustStorePassword" | *Trust store password | *
| trustStorePath | *String | *null | *Path to trust store | *
| trustStoreType | *String | *System property "javax.net.ssl.trustStoreType" | *Trust store type | *
| wantClientAuthentication | *boolean | *false | *Indicates if we would like client certificate authentication. Only taken * into account if the "needClientAuthentication" parameter is 'false'. | *
* In short, two instances of KeyStore are used when configuring an SSLContext: * the key store (which contains the public and private keys and certificates to * be used locally) and the trust store (which generally holds the CA * certificates to be trusted when connecting to a remote host). Both keystore * and trust store are KeyStores. When not explicitly set using the setters of * this class, the values will default to the default system properties, * following the behavior described in the JSSE reference guide. *
** There is more information in the JSSE Reference Guide. *
* * @author Bruno Harbulot (Bruno.Harbulot@manchester.ac.uk) * @see javax.net.ssl.SSLContext * @see java.security.KeyStore * @see JSSE * Reference - Standard names */ public class DefaultSslContextFactory extends SslContextFactory { /** The whitespace-separated list of disabled cipher suites. */ private volatile String[] disabledCipherSuites = null; /** The whitespace-separated list of disabled SSL protocols. */ private volatile String[] disabledProtocols = null; /** The whitespace-separated list of enabled cipher suites. */ private volatile String[] enabledCipherSuites = null; /** The whitespace-separated list of enabled SSL protocols. */ private volatile String[] enabledProtocols = null; /** The name of the KeyManager algorithm. */ private volatile String keyManagerAlgorithm = null; /** The password for the key in the keystore (as a String). */ private volatile char[] keyStoreKeyPassword = (System.getProperty( "javax.net.ssl.keyPassword", System.getProperty("javax.net.ssl.keyStorePassword")) != null) ? System .getProperty("javax.net.ssl.keyPassword", System.getProperty("javax.net.ssl.keyStorePassword")) .toCharArray() : null; /** The password for the keystore (as a String). */ private volatile char[] keyStorePassword = (System .getProperty("javax.net.ssl.keyStorePassword") != null) ? System .getProperty("javax.net.ssl.keyStorePassword").toCharArray() : null; /** The path to the KeyStore file. */ private volatile String keyStorePath = System .getProperty("javax.net.ssl.keyStore"); /** The name of the keystore provider. */ private volatile String keyStoreProvider = System .getProperty("javax.net.ssl.keyStoreProvider"); /** The keyStore type of the keystore. */ private volatile String keyStoreType = System .getProperty("javax.net.ssl.keyStoreType"); /** Indicates if we require client certificate authentication. */ private volatile boolean needClientAuthentication = false; /** The standard name of the protocol to use when creating the SSLContext. */ private volatile String protocol = "TLS"; /** The name of the SecureRandom algorithm. */ private volatile String secureRandomAlgorithm = null; /** The name of the TrustManager algorithm. */ private volatile String trustManagerAlgorithm = null; /** The password for the trust store keystore. */ private volatile char[] trustStorePassword = (System .getProperty("javax.net.ssl.trustStorePassword") != null) ? System .getProperty("javax.net.ssl.trustStorePassword").toCharArray() : null; /** The path to the trust store (keystore) file. */ private volatile String trustStorePath = System .getProperty("javax.net.ssl.trustStore"); /** The name of the trust store (keystore) provider. */ private volatile String trustStoreProvider = System .getProperty("javax.net.ssl.trustStoreProvider"); /** The KeyStore type of the trust store. */ private volatile String trustStoreType = System .getProperty("javax.net.ssl.trustStoreType"); /** Indicates if we would like client certificate authentication. */ private volatile boolean wantClientAuthentication = false; /** * This class is likely to contain sensitive information; cloning is * therefore not allowed. */ @Override protected final DefaultSslContextFactory clone() throws CloneNotSupportedException { throw new CloneNotSupportedException(); } /** * Creates a configured and initialized SSLContext from the values set via * the various setters of this class. IfkeyStorePath,
* keyStoreProvider, keyStoreType are all
* null, the SSLContext will be initialized with a
* null array of KeyManagers. Similarly, if
* trustStorePath, trustStoreProvider,
* trustStoreType are all null, a
* null array of TrustManagers will be used.
*
* @see SSLContext#init(javax.net.ssl.KeyManager[],
* javax.net.ssl.TrustManager[], SecureRandom)
*/
@Override
public javax.net.ssl.SSLContext createSslContext() throws Exception {
javax.net.ssl.SSLContext result = null;
javax.net.ssl.KeyManagerFactory kmf = null;
if ((this.keyStorePath != null) || (this.keyStoreProvider != null)
|| (this.keyStoreType != null)) {
// Loads the key store.
KeyStore keyStore = (this.keyStoreProvider != null) ? KeyStore
.getInstance(
(this.keyStoreType != null) ? this.keyStoreType
: KeyStore.getDefaultType(),
this.keyStoreProvider)
: KeyStore
.getInstance((this.keyStoreType != null) ? this.keyStoreType
: KeyStore.getDefaultType());
FileInputStream keyStoreInputStream = null;
try {
keyStoreInputStream = ((this.keyStorePath != null) && (!"NONE"
.equals(this.keyStorePath))) ? new FileInputStream(
this.keyStorePath) : null;
keyStore.load(keyStoreInputStream, this.keyStorePassword);
} finally {
if (keyStoreInputStream != null) {
keyStoreInputStream.close();
}
}
// Creates the key-manager factory.
kmf = javax.net.ssl.KeyManagerFactory
.getInstance(this.keyManagerAlgorithm);
kmf.init(keyStore, this.keyStoreKeyPassword);
}
javax.net.ssl.TrustManagerFactory tmf = null;
if ((this.trustStorePath != null) || (this.trustStoreProvider != null)
|| (this.trustStoreType != null)) {
// Loads the trust store.
KeyStore trustStore = (this.trustStoreProvider != null) ? KeyStore
.getInstance(
(this.trustStoreType != null) ? this.trustStoreType
: KeyStore.getDefaultType(),
this.trustStoreProvider)
: KeyStore
.getInstance((this.trustStoreType != null) ? this.trustStoreType
: KeyStore.getDefaultType());
FileInputStream trustStoreInputStream = null;
try {
trustStoreInputStream = ((this.trustStorePath != null) && (!"NONE"
.equals(this.trustStorePath))) ? new FileInputStream(
this.trustStorePath) : null;
trustStore.load(trustStoreInputStream, this.trustStorePassword);
} finally {
if (trustStoreInputStream != null) {
trustStoreInputStream.close();
}
}
// Creates the trust-manager factory.
tmf = javax.net.ssl.TrustManagerFactory
.getInstance(this.trustManagerAlgorithm);
tmf.init(trustStore);
}
// Creates the SSL context
javax.net.ssl.SSLContext sslContext = javax.net.ssl.SSLContext
.getInstance(this.protocol);
SecureRandom sr = null;
if (this.secureRandomAlgorithm != null) {
sr = SecureRandom.getInstance(this.secureRandomAlgorithm);
}
sslContext.init(kmf != null ? kmf.getKeyManagers() : null,
tmf != null ? tmf.getTrustManagers() : null, sr);
// Wraps the SSL context to be able to set cipher suites and other
// properties after SSL engine creation for example
result = createWrapper(sslContext);
return result;
}
/**
* Creates a new {@link SSLContext} wrapper. Necessary to properly
* initialize the {@link SSLEngine} or {@link SSLSocketFactory} or
* {@link SSLServerSocketFactory} created.
*
* @param sslContext
* The SSL context to wrap.
* @return The SSL context wrapper.
*/
protected javax.net.ssl.SSLContext createWrapper(
javax.net.ssl.SSLContext sslContext) {
return new DefaultSslContext(this, sslContext);
}
/**
* Returns the whitespace-separated list of disabled cipher suites.
*
* @return The whitespace-separated list of disabled cipher suites.
*/
public String[] getDisabledCipherSuites() {
return disabledCipherSuites;
}
/**
* Returns the whitespace-separated list of disabled SSL protocols.
*
* @return The whitespace-separated list of disabled SSL protocols.
*/
public String[] getDisabledProtocols() {
return disabledProtocols;
}
/**
* Returns the whitespace-separated list of enabled cipher suites.
*
* @return The whitespace-separated list of enabled cipher suites.
*/
public String[] getEnabledCipherSuites() {
return enabledCipherSuites;
}
/**
* Returns the whitespace-separated list of enabled SSL protocols.
*
* @return The whitespace-separated list of enabled SSL protocols.
*/
public String[] getEnabledProtocols() {
return enabledProtocols;
}
/**
* Returns the name of the KeyManager algorithm.
*
* @return The name of the KeyManager algorithm.
*/
public String getKeyManagerAlgorithm() {
return keyManagerAlgorithm;
}
/**
* Returns the password for the key in the keystore (as a String).
*
* @return The password for the key in the keystore (as a String).
*/
public char[] getKeyStoreKeyPassword() {
return keyStoreKeyPassword;
}
/**
* Returns the password for the keystore (as a String).
*
* @return The password for the keystore (as a String).
*/
public char[] getKeyStorePassword() {
return keyStorePassword;
}
/**
* Returns the path to the KeyStore file.
*
* @return The path to the KeyStore file.
*/
public String getKeyStorePath() {
return keyStorePath;
}
/**
* Returns the name of the keystore provider.
*
* @return The name of the keystore provider.
*/
public String getKeyStoreProvider() {
return keyStoreProvider;
}
/**
* Returns the keyStore type of the keystore.
*
* @return The keyStore type of the keystore.
*/
public String getKeyStoreType() {
return keyStoreType;
}
/**
* Returns the secure socket protocol name, "TLS" by default.
*
* @return The secure socket protocol.
*/
public String getProtocol() {
return this.protocol;
}
/**
* Returns the name of the SecureRandom algorithm.
*
* @return The name of the SecureRandom algorithm.
*/
public String getSecureRandomAlgorithm() {
return secureRandomAlgorithm;
}
/**
* Returns the selected cipher suites. The selection is the subset of
* supported suites that are both in the enable suites and out of the
* disabled suites.
*
* @param supportedCipherSuites
* The initial cipher suites to restrict.
* @return The selected cipher suites.
*/
public String[] getSelectedCipherSuites(String[] supportedCipherSuites) {
Set resultSet = new HashSet();
if (supportedCipherSuites != null) {
for (String supportedCipherSuite : supportedCipherSuites) {
if (((getEnabledCipherSuites() == null) || Arrays.asList(
getEnabledCipherSuites())
.contains(supportedCipherSuite))
&& ((getDisabledCipherSuites() == null) || !Arrays
.asList(getDisabledCipherSuites()).contains(
supportedCipherSuite))) {
resultSet.add(supportedCipherSuite);
}
}
}
String[] result = new String[resultSet.size()];
return resultSet.toArray(result);
}
/**
* Returns the selected SSL protocols. The selection is the subset of
* supported protocols whose name starts with the name of of
* {@link #getSslProtocol()} name.
*
* @param supportedProtocols
* The selected SSL protocols.
* @return The selected SSL protocols.
*/
public String[] getSelectedSslProtocols(String[] supportedProtocols) {
Set resultSet = new HashSet();
if (supportedProtocols != null) {
for (String supportedProtocol : supportedProtocols) {
if (((getEnabledProtocols() == null) || Arrays.asList(
getEnabledProtocols()).contains(supportedProtocol))
&& ((getDisabledProtocols() == null) || !Arrays.asList(
getDisabledProtocols()).contains(
supportedProtocol))) {
resultSet.add(supportedProtocol);
}
}
}
String[] result = new String[resultSet.size()];
return resultSet.toArray(result);
}
/**
* Returns the name of the TrustManager algorithm.
*
* @return The name of the TrustManager algorithm.
*/
public String getTrustManagerAlgorithm() {
return trustManagerAlgorithm;
}
/**
* Returns the password for the trust store keystore.
*
* @return The password for the trust store keystore.
*/
public char[] getTrustStorePassword() {
return trustStorePassword;
}
/**
* Returns the path to the trust store (keystore) file.
*
* @return The path to the trust store (keystore) file.
*/
public String getTrustStorePath() {
return trustStorePath;
}
/**
* Returns the name of the trust store (keystore) provider.
*
* @return The name of the trust store (keystore) provider.
*/
public String getTrustStoreProvider() {
return trustStoreProvider;
}
/**
* Returns the KeyStore type of the trust store.
*
* @return The KeyStore type of the trust store.
*/
public String getTrustStoreType() {
return trustStoreType;
}
/**
* Sets the following options according to parameters that may have been set
* up directly in the HttpsClientHelper or HttpsServerHelper parameters. See
* class Javadocs for the list of parameters supported.
*
* @param helperParameters
* Typically, the parameters that would have been obtained from
* HttpsServerHelper.getParameters()
*/
@Override
public void init(Series helperParameters) {
// Parses and set the disabled cipher suites
String[] disabledCipherSuitesArray = helperParameters
.getValuesArray("disabledCipherSuites");
Set disabledCipherSuites = new HashSet();
for (String disabledCipherSuiteSeries : disabledCipherSuitesArray) {
for (String disabledCipherSuite : disabledCipherSuiteSeries
.split(" ")) {
disabledCipherSuites.add(disabledCipherSuite);
}
}
if (disabledCipherSuites.size() > 0) {
disabledCipherSuitesArray = new String[disabledCipherSuites.size()];
disabledCipherSuites.toArray(disabledCipherSuitesArray);
setDisabledCipherSuites(disabledCipherSuitesArray);
} else {
setDisabledCipherSuites(null);
}
// Parses and set the disabled protocols
String[] disabledProtocolsArray = helperParameters
.getValuesArray("disabledProtocols");
Set disabledProtocols = new HashSet();
for (String disabledProtocolsSeries : disabledProtocolsArray) {
for (String disabledProtocol : disabledProtocolsSeries.split(" ")) {
disabledProtocols.add(disabledProtocol);
}
}
if (disabledProtocols.size() > 0) {
disabledProtocolsArray = new String[disabledProtocols.size()];
disabledProtocols.toArray(disabledProtocolsArray);
setDisabledProtocols(disabledProtocolsArray);
} else {
setDisabledProtocols(null);
}
// Parses and set the enabled cipher suites
String[] enabledCipherSuitesArray = helperParameters
.getValuesArray("enabledCipherSuites");
Set enabledCipherSuites = new HashSet();
for (String enabledCipherSuiteSeries : enabledCipherSuitesArray) {
for (String enabledCipherSuite : enabledCipherSuiteSeries
.split(" ")) {
enabledCipherSuites.add(enabledCipherSuite);
}
}
if (enabledCipherSuites.size() > 0) {
enabledCipherSuitesArray = new String[enabledCipherSuites.size()];
enabledCipherSuites.toArray(enabledCipherSuitesArray);
setEnabledCipherSuites(enabledCipherSuitesArray);
} else {
setEnabledCipherSuites(null);
}
// Parses and set the enabled protocols
String[] enabledProtocolsArray = helperParameters
.getValuesArray("enabledProtocols");
Set enabledProtocols = new HashSet();
for (String enabledProtocolSeries : enabledProtocolsArray) {
for (String enabledProtocol : enabledProtocolSeries.split(" ")) {
enabledProtocols.add(enabledProtocol);
}
}
if (enabledProtocols.size() > 0) {
enabledProtocolsArray = new String[enabledProtocols.size()];
enabledProtocols.toArray(enabledProtocolsArray);
setEnabledProtocols(enabledProtocolsArray);
} else {
setEnabledCipherSuites(null);
}
setKeyManagerAlgorithm(helperParameters.getFirstValue(
"keyManagerAlgorithm", true, System.getProperty(
"ssl.KeyManagerFactory.algorithm", "SunX509")));
setKeyStorePassword(helperParameters.getFirstValue("keyStorePassword",
true, System.getProperty("javax.net.ssl.keyStorePassword", "")));
setKeyStoreKeyPassword(helperParameters.getFirstValue("keyPassword",
true, System.getProperty("javax.net.ssl.keyPassword")));
if (this.keyStoreKeyPassword == null) {
this.keyStoreKeyPassword = this.keyStorePassword;
}
setKeyStorePath(helperParameters.getFirstValue("keyStorePath", true,
System.getProperty("javax.net.ssl.keyStore")));
setKeyStoreType(helperParameters.getFirstValue("keyStoreType", true,
System.getProperty("javax.net.ssl.keyStoreType")));
setNeedClientAuthentication(Boolean.parseBoolean(helperParameters
.getFirstValue("needClientAuthentication", true, "false")));
// Support deprecated "sslProtocol" name
setProtocol(helperParameters.getFirstValue("protocol", true,
helperParameters.getFirstValue("sslProtocol", true, "TLS")));
setSecureRandomAlgorithm(helperParameters.getFirstValue(
"secureRandomAlgorithm", true));
setTrustManagerAlgorithm(helperParameters.getFirstValue(
"trustManagerAlgorithm", true, System.getProperty(
"ssl.TrustManagerFactory.algorithm", "SunX509")));
setTrustStorePassword(helperParameters.getFirstValue(
"trustStorePassword", true,
System.getProperty("javax.net.ssl.trustStorePassword")));
setTrustStorePath(helperParameters.getFirstValue("trustStorePath",
true, System.getProperty("javax.net.ssl.trustStore")));
setTrustStoreType(helperParameters.getFirstValue("trustStoreType",
true, System.getProperty("javax.net.ssl.trustStoreType")));
setWantClientAuthentication(Boolean.parseBoolean(helperParameters
.getFirstValue("wantClientAuthentication", true, "false")));
}
/**
* Indicates if we require client certificate authentication.
*
* @return True if we require client certificate authentication.
*/
public boolean isNeedClientAuthentication() {
return needClientAuthentication;
}
/**
* Indicates if we would like client certificate authentication.
*
* @return True if we would like client certificate authentication.
*/
public boolean isWantClientAuthentication() {
return wantClientAuthentication;
}
/**
* Sets the whitespace-separated list of disabled cipher suites.
*
* @param disabledCipherSuites
* The whitespace-separated list of disabled cipher suites.
*/
public void setDisabledCipherSuites(String[] disabledCipherSuites) {
this.disabledCipherSuites = disabledCipherSuites;
}
/**
* Sets the whitespace-separated list of disabled SSL protocols.
*
* @param disabledProtocols
* The whitespace-separated list of disabled SSL protocols.
*/
public void setDisabledProtocols(String[] disabledProtocols) {
this.disabledProtocols = disabledProtocols;
}
/**
* Sets the whitespace-separated list of enabled cipher suites.
*
* @param enabledCipherSuites
* The whitespace-separated list of enabled cipher suites.
*/
public void setEnabledCipherSuites(String[] enabledCipherSuites) {
this.enabledCipherSuites = enabledCipherSuites;
}
/**
* Sets the standard name of the protocols to use when creating the SSL
* sockets or engines.
*
* @param enabledProtocols
* The standard name of the protocols to use when creating the
* SSL sockets or engines.
*/
public void setEnabledProtocols(String[] enabledProtocols) {
this.enabledProtocols = enabledProtocols;
}
/**
* Sets the KeyManager algorithm. The default value is that of the
* ssl.KeyManagerFactory.algorithm system property, or
* "SunX509" if the system property has not been set up.
*
* @param keyManagerAlgorithm
* The KeyManager algorithm.
*/
public void setKeyManagerAlgorithm(String keyManagerAlgorithm) {
this.keyManagerAlgorithm = keyManagerAlgorithm;
}
/**
* Sets the password of the key in the keystore. The default value is that
* of the javax.net.ssl.keyPassword system property, falling back to
* javax.net.ssl.keyStorePassword. This system property name is not
* standard.
*
* @param keyStoreKeyPassword
* The password of the key in the keystore.
*/
public void setKeyStoreKeyPassword(char[] keyStoreKeyPassword) {
this.keyStoreKeyPassword = keyStoreKeyPassword;
}
/**
* Sets the password of the key in the keystore. The default value is that
* of the javax.net.ssl.keyPassword system property, falling back to
* javax.net.ssl.keyStorePassword. This system property name is not
* standard.
*
* @param keyStoreKeyPassword
* The password of the key in the keystore.
*/
public void setKeyStoreKeyPassword(String keyStoreKeyPassword) {
this.keyStoreKeyPassword = (keyStoreKeyPassword != null) ? keyStoreKeyPassword
.toCharArray() : null;
}
/**
* Sets the keystore password. The default value is that of the
* javax.net.ssl.keyStorePassword system property.
*
* @param keyStorePassword
* Sets the keystore password.
*/
public void setKeyStorePassword(char[] keyStorePassword) {
this.keyStorePassword = keyStorePassword;
}
/**
* Sets the keystore password. The default value is that of the
* javax.net.ssl.keyStorePassword system property.
*
* @param keyStorePassword
* Sets the keystore password.
*/
public void setKeyStorePassword(String keyStorePassword) {
this.keyStorePassword = (keyStorePassword != null) ? keyStorePassword
.toCharArray() : null;
}
/**
* Sets the path to the keystore file. The default value is that of the
* javax.net.ssl.keyStore system property.
*
* @param keyStorePath
* The path to the keystore file.
*/
public void setKeyStorePath(String keyStorePath) {
this.keyStorePath = keyStorePath;
}
/**
* Sets the name of the keystore provider. The default value is that of the
* javax.net.ssl.keyStoreProvider system property.
*
* @param keyStoreProvider
* The name of the keystore provider.
*/
public void setKeyStoreProvider(String keyStoreProvider) {
this.keyStoreProvider = keyStoreProvider;
}
/**
* Sets the KeyStore type of the keystore. The default value is that of the
* javax.net.ssl.keyStoreType system property.
*
* @param keyStoreType
* The KeyStore type of the keystore.
*/
public void setKeyStoreType(String keyStoreType) {
this.keyStoreType = keyStoreType;
}
/**
* Indicates if we require client certificate authentication. The default
* value is false.
*
* @param needClientAuthentication
* True if we require client certificate authentication.
*/
public void setNeedClientAuthentication(boolean needClientAuthentication) {
this.needClientAuthentication = needClientAuthentication;
}
/**
* Sets the secure socket protocol name, "TLS" by default.
*
* @param protocol
* Name of the secure socket protocol to use.
*/
public void setProtocol(String protocol) {
this.protocol = protocol;
}
/**
* Sets the SecureRandom algorithm. The default value is null, in
* which case the default SecureRandom would be used.
*
* @param secureRandomAlgorithm
* The SecureRandom algorithm.
*/
public void setSecureRandomAlgorithm(String secureRandomAlgorithm) {
this.secureRandomAlgorithm = secureRandomAlgorithm;
}
/**
* Sets the TrustManager algorithm. The default value is that of the
* ssl.TrustManagerFactory.algorithm system property, or
* "SunX509" if the system property has not been set up.
*
* @param trustManagerAlgorithm
* The TrustManager algorithm.
*/
public void setTrustManagerAlgorithm(String trustManagerAlgorithm) {
this.trustManagerAlgorithm = trustManagerAlgorithm;
}
/**
* Sets the password of the trust store KeyStore. The default value is that
* of the javax.net.ssl.trustStorePassword system property.
*
* @param trustStorePassword
* The password of the trust store KeyStore.
*/
public void setTrustStorePassword(char[] trustStorePassword) {
this.trustStorePassword = trustStorePassword;
}
/**
* Sets the password of the trust store KeyStore. The default value is that
* of the javax.net.ssl.trustStorePassword system property.
*
* @param trustStorePassword
* The password of the trust store KeyStore.
*/
public void setTrustStorePassword(String trustStorePassword) {
this.trustStorePassword = (trustStorePassword != null) ? trustStorePassword
.toCharArray() : null;
}
/**
* Sets the path to the trust store KeyStore. The default value is that of
* the javax.net.ssl.trustStore system property.
*
* @param trustStorePath
* The trustStorePath to set
*/
public void setTrustStorePath(String trustStorePath) {
this.trustStorePath = trustStorePath;
}
/**
* Sets the name of the trust store provider. The default value is that of
* the javax.net.ssl.trustStoreProvider system property.
*
* @param trustStoreProvider
* The name of the trust store provider.
*/
public void setTrustStoreProvider(String trustStoreProvider) {
this.trustStoreProvider = trustStoreProvider;
}
/**
* Sets the KeyStore type of the trust store. The default value is that of
* the javax.net.ssl.trustStoreType system property.
*
* @param trustStoreType
* The KeyStore type of the trust store.
*/
public void setTrustStoreType(String trustStoreType) {
this.trustStoreType = trustStoreType;
}
/**
* Indicates if we would like client certificate authentication. The default
* value is false.
*
* @param wantClientAuthentication
* True if we would like client certificate authentication.
*/
public void setWantClientAuthentication(boolean wantClientAuthentication) {
this.wantClientAuthentication = wantClientAuthentication;
}
}