Package org.glassfish.grizzly.config.dom

Interface Ssl

All Superinterfaces:
org.jvnet.hk2.config.ConfigBeanProxy, org.jvnet.hk2.config.types.PropertyBag
public interface Ssl extends org.jvnet.hk2.config.ConfigBeanProxy, org.jvnet.hk2.config.types.PropertyBag
Define SSL processing parameters

  • Field Details

  • Method Details

    • getCertNickname

      String getCertNickname()
      Nickname of the server certificate in the certificate database or the PKCS#11 token. In the certificate, the name format is token name:nickname. Including the token name: part of the name in this attribute is optional.

    • setCertNickname

      void setCertNickname(String value)

    • getClientAuthEnabled

      String getClientAuthEnabled()
      Determines whether SSL3 client authentication is performed on every request, independent of ACL-based access control.

    • setClientAuthEnabled

      void setClientAuthEnabled(String value)

    • getClientAuth

      @Pattern(regexp="(|need|want)", message="Valid values: (|need|want)") @Pattern(regexp="(|need|want)",message="Valid values: (|need|want)") String getClientAuth()
      Determines if if the engine will request (want) or require (need) client authentication. Valid values: want, need, or left blank

    • setClientAuth

      void setClientAuth(String value)

    • getCrlFile

      String getCrlFile()

    • setCrlFile

      void setCrlFile(String crlFile)

    • getKeyAlgorithm

      String getKeyAlgorithm()

    • setKeyAlgorithm

      void setKeyAlgorithm(String algorithm)

    • getKeyStoreType

      @Pattern(regexp="(JKS|NSS)", message="Valid values: (JKS|NSS)") @Pattern(regexp="(JKS|NSS)",message="Valid values: (JKS|NSS)") String getKeyStoreType()
      type of the keystore file

    • setKeyStoreType

      void setKeyStoreType(String type)

    • getKeyStorePasswordProvider

      String getKeyStorePasswordProvider()

    • setKeyStorePasswordProvider

      void setKeyStorePasswordProvider(String provider)

    • getKeyStorePassword

      String getKeyStorePassword()
      password of the keystore file

    • setKeyStorePassword

      void setKeyStorePassword(String password)

    • getKeyStore

      String getKeyStore()
      Location of the keystore file

    • setKeyStore

      void setKeyStore(String location)

    • getClassname

      String getClassname()

    • setClassname

      void setClassname(String value)

    • getSsl2Ciphers

      @Pattern(regexp="((\\+|\\-)(rc2|rc2export|rc4|rc4export|idea|des|desede3)(\\s*,\\s*(\\+|\\-)(rc2|rc2export|rc4|rc4export|idea|des|desede3))*)*", message="Valid values: ((\\+|\\-)(rc2|rc2export|rc4|rc4export|idea|des|desede3)(\\s*,\\s*(\\+|\\-)(rc2|rc2export|rc4|rc4export|idea|des|desede3))*)*") @Pattern(regexp="((\\+|\\-)(rc2|rc2export|rc4|rc4export|idea|des|desede3)(\\s*,\\s*(\\+|\\-)(rc2|rc2export|rc4|rc4export|idea|des|desede3))*)*",message="Valid values: ((\\+|\\-)(rc2|rc2export|rc4|rc4export|idea|des|desede3)(\\s*,\\s*(\\+|\\-)(rc2|rc2export|rc4|rc4export|idea|des|desede3))*)*") String getSsl2Ciphers()
      A comma-separated list of the SSL2 ciphers used, with the prefix + to enable or - to disable, for example +rc4. Allowed values are rc4, rc4export, rc2, rc2export, idea, des, desede3. If no value is specified, all supported ciphers are assumed to be enabled. NOT Used in PE

    • setSsl2Ciphers

      void setSsl2Ciphers(String value)

    • getSsl2Enabled

      String getSsl2Enabled()
      Determines whether SSL2 is enabled. NOT Used in PE. SSL2 is not supported by either iiop or web-services. When this element is used as a child of the iiop-listener element then the only allowed value for this attribute is "false".

    • setSsl2Enabled

      void setSsl2Enabled(String value)

    • getSsl3Enabled

      String getSsl3Enabled()
      Determines whether SSL3 is enabled. If both SSL2 and SSL3 are enabled for a virtual server, the server tries SSL3 encryption first. If that fails, the server tries SSL2 encryption.

    • setSsl3Enabled

      void setSsl3Enabled(String value)

    • getSsl3TlsCiphers

      String getSsl3TlsCiphers()
      A comma-separated list of the SSL3 ciphers used, with the prefix + to enable or - to disable, for example +SSL_RSA_WITH_RC4_128_MD5. Allowed SSL3/TLS values are those that are supported by the JVM for the given security provider and security service configuration. If no value is specified, all supported ciphers are assumed to be enabled.

    • setSsl3TlsCiphers

      void setSsl3TlsCiphers(String value)

    • getTlsEnabled

      String getTlsEnabled()
      Determines whether TLS is enabled.

    • setTlsEnabled

      void setTlsEnabled(String value)

    • getTls11Enabled

      String getTls11Enabled()
      Determines whether TLS 1.1 is enabled.

    • setTls11Enabled

      void setTls11Enabled(String value)

    • getTls12Enabled

      String getTls12Enabled()
      Determines whether TLS 1.2 is enabled.

    • setTls12Enabled

      void setTls12Enabled(String value)

    • getTls13Enabled

      String getTls13Enabled()
      Determines whether TLS 1.3 is enabled.

    • setTls13Enabled

      void setTls13Enabled(String value)

    • getTlsRollbackEnabled

      String getTlsRollbackEnabled()
      Determines whether TLS rollback is enabled. TLS rollback should be enabled for Microsoft Internet Explorer 5.0 and 5.5. NOT Used in PE

    • setTlsRollbackEnabled

      void setTlsRollbackEnabled(String value)

    • getTrustAlgorithm

      String getTrustAlgorithm()

    • setTrustAlgorithm

      void setTrustAlgorithm(String algorithm)

    • getTrustMaxCertLength

      String getTrustMaxCertLength()

    • setTrustMaxCertLength

      void setTrustMaxCertLength(String maxLength)

    • getTrustStore

      String getTrustStore()

    • setTrustStore

      void setTrustStore(String location)

    • getTrustStoreType

      @Pattern(regexp="(JKS|NSS)", message="Valid values: (JKS|NSS)") @Pattern(regexp="(JKS|NSS)",message="Valid values: (JKS|NSS)") String getTrustStoreType()
      type of the truststore file

    • setTrustStoreType

      void setTrustStoreType(String type)

    • getTrustStorePasswordProvider

      String getTrustStorePasswordProvider()

    • setTrustStorePasswordProvider

      void setTrustStorePasswordProvider(String provider)

    • getTrustStorePassword

      String getTrustStorePassword()
      password of the truststore file

    • setTrustStorePassword

      void setTrustStorePassword(String password)

    • getAllowLazyInit

      String getAllowLazyInit()
      Does SSL configuration allow implementation to initialize it lazily way

    • setAllowLazyInit

      void setAllowLazyInit(String value)

    • getSSLInactivityTimeout

      String getSSLInactivityTimeout()
      Returns:
      the timeout within which there must be activity from the client. Defaults to 30 seconds.

    • setSSLInactivityTimeout

      void setSSLInactivityTimeout(int handshakeTimeout)

    • getRenegotiateOnClientAuthWant

      String getRenegotiateOnClientAuthWant()

      Determines whether or not ssl session renegotiation will occur if client-auth is set to want. This may be set to false under the assumption that if a certificate wasn't available during the initial handshake, it won't be available during a renegotiation.

      This configuration option defaults to true.

      Returns:
      true if ssl session renegotiation will occur if client-auth is want.
      Since:
      2.1.2

    • setRenegotiateOnClientAuthWant

      void setRenegotiateOnClientAuthWant(boolean renegotiateClientAuthWant)
      Since:
      2.1.2

    • getHandshakeTimeoutMillis

      String getHandshakeTimeoutMillis()
      Handshake mode

    • setHandshakeTimeoutMillis

      void setHandshakeTimeoutMillis(String timeoutMillis)