Class SSLContextBuilder

java.lang.Object
org.forgerock.opendj.ldap.SSLContextBuilder

public final class SSLContextBuilder extends Object
An SSL context builder provides an interface for incrementally constructing SSLContext instances for use when securing connections with SSL or the StartTLS extended operation. The getSSLContext() should be called in order to obtain the SSLContext.

For example, use the SSL context builder when setting up LDAP options needed to use StartTLS. TrustManagers has methods you can use to set the trust manager for the SSL context builder.

 LDAPOptions options = new LDAPOptions();
 SSLContext sslContext =
         new SSLContextBuilder().setTrustManager(...).getSSLContext();
 options.setSSLContext(sslContext);
 options.setUseStartTLS(true);

 String host = ...;
 int port = ...;
 LDAPConnectionFactory factory = new LDAPConnectionFactory(host, port, options);
 Connection connection = factory.getConnection();
 // Connection uses StartTLS...
 
  • Field Details

  • Constructor Details

    • SSLContextBuilder

      Creates a new SSL context builder using default parameters.
  • Method Details

    • getSSLContext

      Creates a SSLContext using the parameters of this SSL context builder.
      Returns:
      A SSLContext using the parameters of this SSL context builder.
      Throws:
      GeneralSecurityException - If the SSL context could not be created, perhaps due to missing algorithms.
    • setKeyManager

      Sets the key manager which the SSL context should use. By default, the JVM's key manager is used.
      Parameters:
      keyManager - The key manager which the SSL context should use, which may be null indicating that no certificates will be used.
      Returns:
      This SSL context builder.
    • setProtocol

      Sets the protocol which the SSL context should use. By default, TLSv1.2 will be used.
      Parameters:
      protocol - The protocol which the SSL context should use, which may be null indicating that TLSv1.2 will be used.
      Returns:
      This SSL context builder.
    • setProvider

      Sets the provider which the SSL context should use. By default, the default provider associated with this JVM will be used.
      Parameters:
      provider - The provider which the SSL context should use, which may be null indicating that the default provider associated with this JVM will be used.
      Returns:
      This SSL context builder.
    • setProvider

      public SSLContextBuilder setProvider(String providerName)
      Sets the provider which the SSL context should use. By default, the default provider associated with this JVM will be used.
      Parameters:
      providerName - The name of the provider which the SSL context should use, which may be null indicating that the default provider associated with this JVM will be used.
      Returns:
      This SSL context builder.
    • setSecureRandom

      Sets the secure random number generator which the SSL context should use. By default, the default secure random number generator associated with this JVM will be used.
      Parameters:
      random - The secure random number generator which the SSL context should use, which may be null indicating that the default secure random number generator associated with this JVM will be used.
      Returns:
      This SSL context builder.
    • setTrustManager

      Sets the trust manager which the SSL context should use. By default, no trust manager is specified indicating that only certificates signed by the authorities associated with this JVM will be accepted.
      Parameters:
      trustManager - The trust manager which the SSL context should use, which may be null indicating that only certificates signed by the authorities associated with this JVM will be accepted.
      Returns:
      This SSL context builder.