Package io.netty.handler.ssl
Class OpenSslClientContext
java.lang.Object
io.netty.handler.ssl.SslContext
io.netty.handler.ssl.ReferenceCountedOpenSslContext
io.netty.handler.ssl.OpenSslContext
io.netty.handler.ssl.OpenSslClientContext
- All Implemented Interfaces:
ReferenceCounted
A client-side
SslContext
which uses OpenSSL's SSL/TLS implementation.
This class will use a finalizer to ensure native resources are automatically cleaned up. To avoid finalizers
and manually release the native memory see ReferenceCountedOpenSslClientContext
.
-
Nested Class Summary
Nested classes/interfaces inherited from class io.netty.handler.ssl.ReferenceCountedOpenSslContext
ReferenceCountedOpenSslContext.AbstractCertificateVerifier
-
Field Summary
FieldsFields inherited from class io.netty.handler.ssl.ReferenceCountedOpenSslContext
CLIENT_ENABLE_SESSION_CACHE, CLIENT_ENABLE_SESSION_TICKET, CLIENT_ENABLE_SESSION_TICKET_TLSV13, clientAuth, ctx, ctxLock, enableOcsp, engineMap, hasTLSv13Cipher, keyCertChain, NONE_PROTOCOL_NEGOTIATOR, protocols, SERVER_ENABLE_SESSION_CACHE, SERVER_ENABLE_SESSION_TICKET, SERVER_ENABLE_SESSION_TICKET_TLSV13, tlsFalseStart, USE_TASKS, VERIFY_DEPTH
Fields inherited from class io.netty.handler.ssl.SslContext
ALIAS, X509_CERT_FACTORY
-
Constructor Summary
ConstructorsConstructorDescriptionDeprecated.OpenSslClientContext
(File certChainFile) Deprecated.OpenSslClientContext
(File certChainFile, TrustManagerFactory trustManagerFactory) Deprecated.OpenSslClientContext
(File trustCertCollectionFile, TrustManagerFactory trustManagerFactory, File keyCertChainFile, File keyFile, String keyPassword, KeyManagerFactory keyManagerFactory, Iterable<String> ciphers, CipherSuiteFilter cipherFilter, ApplicationProtocolConfig apn, long sessionCacheSize, long sessionTimeout) Deprecated.OpenSslClientContext
(File certChainFile, TrustManagerFactory trustManagerFactory, Iterable<String> ciphers, ApplicationProtocolConfig apn, long sessionCacheSize, long sessionTimeout) Deprecated.OpenSslClientContext
(File certChainFile, TrustManagerFactory trustManagerFactory, Iterable<String> ciphers, CipherSuiteFilter cipherFilter, ApplicationProtocolConfig apn, long sessionCacheSize, long sessionTimeout) Deprecated.OpenSslClientContext
(X509Certificate[] trustCertCollection, TrustManagerFactory trustManagerFactory, X509Certificate[] keyCertChain, PrivateKey key, String keyPassword, KeyManagerFactory keyManagerFactory, Iterable<String> ciphers, CipherSuiteFilter cipherFilter, ApplicationProtocolConfig apn, String[] protocols, long sessionCacheSize, long sessionTimeout, boolean enableOcsp, String keyStore, Map.Entry<SslContextOption<?>, Object>... options) OpenSslClientContext
(TrustManagerFactory trustManagerFactory) Deprecated. -
Method Summary
Methods inherited from class io.netty.handler.ssl.OpenSslContext
finalize, newEngine0
Methods inherited from class io.netty.handler.ssl.ReferenceCountedOpenSslContext
applicationProtocolNegotiator, certificates, chooseTrustManager, chooseX509KeyManager, cipherSuites, context, freeBio, getBioNonApplicationBufferSize, getRejectRemoteInitiatedRenegotiation, isClient, newEngine, newEngine, newHandler, newHandler, newHandler, newHandler, providerFor, refCnt, release, release, retain, retain, setBioNonApplicationBufferSize, setKeyMaterial, setPrivateKeyMethod, setRejectRemoteInitiatedRenegotiation, setTicketKeys, setUseTasks, sslCtxPointer, stats, toBIO, toBIO, toBIO, toNegotiator, touch, touch, useExtendedTrustManager
Methods inherited from class io.netty.handler.ssl.SslContext
attributes, buildKeyManagerFactory, buildKeyManagerFactory, buildKeyStore, buildTrustManagerFactory, buildTrustManagerFactory, buildTrustManagerFactory, defaultClientProvider, defaultServerProvider, generateKeySpec, isServer, keyStorePassword, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContextInternal, newHandler, newHandler, newHandler, newHandler, newServerContext, newServerContext, newServerContext, newServerContext, newServerContext, newServerContext, newServerContext, newServerContext, newServerContext, newServerContext, newServerContext, newServerContextInternal, nextProtocols, sessionCacheSize, sessionTimeout, toApplicationProtocolConfig, toPrivateKey, toPrivateKey, toPrivateKey, toPrivateKeyInternal, toX509Certificates, toX509Certificates, toX509CertificatesInternal
-
Field Details
-
sessionContext
-
-
Constructor Details
-
OpenSslClientContext
Deprecated.Creates a new instance.- Throws:
SSLException
-
OpenSslClientContext
Deprecated.Creates a new instance.- Parameters:
certChainFile
- an X.509 certificate chain file in PEM format.null
to use the system default- Throws:
SSLException
-
OpenSslClientContext
@Deprecated public OpenSslClientContext(TrustManagerFactory trustManagerFactory) throws SSLException Deprecated.Creates a new instance.- Parameters:
trustManagerFactory
- theTrustManagerFactory
that provides theTrustManager
s that verifies the certificates sent from servers.null
to use the default.- Throws:
SSLException
-
OpenSslClientContext
@Deprecated public OpenSslClientContext(File certChainFile, TrustManagerFactory trustManagerFactory) throws SSLException Deprecated.Creates a new instance.- Parameters:
certChainFile
- an X.509 certificate chain file in PEM format.null
to use the system defaulttrustManagerFactory
- theTrustManagerFactory
that provides theTrustManager
s that verifies the certificates sent from servers.null
to use the default.- Throws:
SSLException
-
OpenSslClientContext
@Deprecated public OpenSslClientContext(File certChainFile, TrustManagerFactory trustManagerFactory, Iterable<String> ciphers, ApplicationProtocolConfig apn, long sessionCacheSize, long sessionTimeout) throws SSLException Deprecated.Creates a new instance.- Parameters:
certChainFile
- an X.509 certificate chain file in PEM formattrustManagerFactory
- theTrustManagerFactory
that provides theTrustManager
s that verifies the certificates sent from servers.null
to use the default..ciphers
- the cipher suites to enable, in the order of preference.null
to use the default cipher suites.apn
- Provides a means to configure parameters related to application protocol negotiation.sessionCacheSize
- the size of the cache used for storing SSL session objects.0
to use the default value.sessionTimeout
- the timeout for the cached SSL session objects, in seconds.0
to use the default value.- Throws:
SSLException
-
OpenSslClientContext
@Deprecated public OpenSslClientContext(File certChainFile, TrustManagerFactory trustManagerFactory, Iterable<String> ciphers, CipherSuiteFilter cipherFilter, ApplicationProtocolConfig apn, long sessionCacheSize, long sessionTimeout) throws SSLException Deprecated.Creates a new instance.- Parameters:
certChainFile
- an X.509 certificate chain file in PEM formattrustManagerFactory
- theTrustManagerFactory
that provides theTrustManager
s that verifies the certificates sent from servers.null
to use the default..ciphers
- the cipher suites to enable, in the order of preference.null
to use the default cipher suites.cipherFilter
- a filter to apply over the supplied list of ciphersapn
- Provides a means to configure parameters related to application protocol negotiation.sessionCacheSize
- the size of the cache used for storing SSL session objects.0
to use the default value.sessionTimeout
- the timeout for the cached SSL session objects, in seconds.0
to use the default value.- Throws:
SSLException
-
OpenSslClientContext
@Deprecated public OpenSslClientContext(File trustCertCollectionFile, TrustManagerFactory trustManagerFactory, File keyCertChainFile, File keyFile, String keyPassword, KeyManagerFactory keyManagerFactory, Iterable<String> ciphers, CipherSuiteFilter cipherFilter, ApplicationProtocolConfig apn, long sessionCacheSize, long sessionTimeout) throws SSLException Deprecated.Creates a new instance.- Parameters:
trustCertCollectionFile
- an X.509 certificate collection file in PEM format.null
to use the system defaulttrustManagerFactory
- theTrustManagerFactory
that provides theTrustManager
s that verifies the certificates sent from servers.null
to use the default or the results of parsingtrustCertCollectionFile
keyCertChainFile
- an X.509 certificate chain file in PEM format. This provides the public key for mutual authentication.null
to use the system defaultkeyFile
- a PKCS#8 private key file in PEM format. This provides the private key for mutual authentication.null
for no mutual authentication.keyPassword
- the password of thekeyFile
.null
if it's not password-protected. Ignored ifkeyFile
isnull
.keyManagerFactory
- theKeyManagerFactory
that provides theKeyManager
s that is used to encrypt data being sent to servers.null
to use the default or the results of parsingkeyCertChainFile
andkeyFile
.ciphers
- the cipher suites to enable, in the order of preference.null
to use the default cipher suites.cipherFilter
- a filter to apply over the supplied list of ciphersapn
- Application Protocol Negotiator object.sessionCacheSize
- the size of the cache used for storing SSL session objects.0
to use the default value.sessionTimeout
- the timeout for the cached SSL session objects, in seconds.0
to use the default value.- Throws:
SSLException
-
OpenSslClientContext
OpenSslClientContext(X509Certificate[] trustCertCollection, TrustManagerFactory trustManagerFactory, X509Certificate[] keyCertChain, PrivateKey key, String keyPassword, KeyManagerFactory keyManagerFactory, Iterable<String> ciphers, CipherSuiteFilter cipherFilter, ApplicationProtocolConfig apn, String[] protocols, long sessionCacheSize, long sessionTimeout, boolean enableOcsp, String keyStore, Map.Entry<SslContextOption<?>, Object>... options) throws SSLException- Throws:
SSLException
-
-
Method Details
-
sessionContext
Description copied from class:SslContext
Returns theSSLSessionContext
object held by this context.- Specified by:
sessionContext
in classReferenceCountedOpenSslContext
-
SslContextBuilder