Package org.forgerock.opendj.ldap
Class SSLContextBuilder
java.lang.Object
org.forgerock.opendj.ldap.SSLContextBuilder
An SSL context builder provides an interface for incrementally constructing
SSLContext instances for use when securing connections with SSL or
the StartTLS extended operation. Call getSSLContext() to obtain the
SSLContext.
For example, use the SSL context builder when setting up the LDAP options needed
to use StartTLS. TrustManagers has methods you can use to set the trust manager for the SSL
context builder.
    LDAPOptions options = new LDAPOptions();
    SSLContext sslContext =
            new SSLContextBuilder().setTrustManager(...).getSSLContext();
    options.setSSLContext(sslContext);
    options.setUseStartTLS(true);
    String host = ...;
    int port = ...;
    LDAPConnectionFactory factory = new LDAPConnectionFactory(host, port, options);
    Connection connection = factory.getConnection();
    // Connection uses StartTLS...

Field Summary
Modifier and Type | Field | Description
static final String | PROTOCOL_SSL | SSL protocol: supports some version of SSL; may support other versions.
static final String | PROTOCOL_SSL2 | SSL protocol: supports SSL version 2 or higher; may support other versions.
static final String | PROTOCOL_SSL3 | SSL protocol: supports SSL version 3; may support other versions.
static final String | PROTOCOL_TLS | SSL protocol: supports some version of TLS; may support other versions.
static final String | PROTOCOL_TLS1 | SSL protocol: supports RFC 2246: TLS version 1.0; may support other versions.
static final String | PROTOCOL_TLS1_1 | SSL protocol: supports RFC 4346: TLS version 1.1; may support other versions.
static final String | PROTOCOL_TLS1_2 | SSL protocol: supports RFC 5246: TLS version 1.2; may support other versions.

Constructor Summary
Constructor | Description
SSLContextBuilder() | Creates a new SSL context builder using default parameters.

Method Summary
Modifier and Type | Method | Description
SSLContext | getSSLContext() | Creates an SSLContext using the parameters of this SSL context builder.
SSLContextBuilder | setKeyManager(KeyManager keyManager) | Sets the key manager which the SSL context should use.
SSLContextBuilder | setProtocol(String protocol) | Sets the protocol which the SSL context should use.
SSLContextBuilder | setProvider(String providerName) | Sets the provider which the SSL context should use.
SSLContextBuilder | setProvider(Provider provider) | Sets the provider which the SSL context should use.
SSLContextBuilder | setSecureRandom(SecureRandom random) | Sets the secure random number generator which the SSL context should use.
SSLContextBuilder | setTrustManager(TrustManager trustManager) | Sets the trust manager which the SSL context should use.

Field Details

PROTOCOL_SSL
SSL protocol: supports some version of SSL; may support other versions.

PROTOCOL_SSL2
SSL protocol: supports SSL version 2 or higher; may support other versions.

PROTOCOL_SSL3
SSL protocol: supports SSL version 3; may support other versions.

PROTOCOL_TLS
SSL protocol: supports some version of TLS; may support other versions.

PROTOCOL_TLS1
SSL protocol: supports RFC 2246: TLS version 1.0; may support other versions.

PROTOCOL_TLS1_1
SSL protocol: supports RFC 4346: TLS version 1.1; may support other versions.

PROTOCOL_TLS1_2
SSL protocol: supports RFC 5246: TLS version 1.2; may support other versions.

Constructor Details

SSLContextBuilder
public SSLContextBuilder()
Creates a new SSL context builder using default parameters.

Method Details

getSSLContext
Creates an SSLContext using the parameters of this SSL context builder.
Returns:
An SSLContext using the parameters of this SSL context builder.
Throws:
GeneralSecurityException - If the SSL context could not be created, perhaps due to missing algorithms.

setKeyManager
Sets the key manager which the SSL context should use. By default, the JVM's key manager is used.
Parameters:
keyManager - The key manager which the SSL context should use, which may be null indicating that no certificates will be used.
Returns:
This SSL context builder.

setProtocol
Sets the protocol which the SSL context should use. By default, TLSv1.2 will be used.
Parameters:
protocol - The protocol which the SSL context should use, which may be null indicating that TLSv1.2 will be used.
Returns:
This SSL context builder.

setProvider
Sets the provider which the SSL context should use. By default, the default provider associated with this JVM will be used.
Parameters:
provider - The provider which the SSL context should use, which may be null indicating that the default provider associated with this JVM will be used.
Returns:
This SSL context builder.

setProvider
Sets the provider which the SSL context should use. By default, the default provider associated with this JVM will be used.
Parameters:
providerName - The name of the provider which the SSL context should use, which may be null indicating that the default provider associated with this JVM will be used.
Returns:
This SSL context builder.

setSecureRandom
Sets the secure random number generator which the SSL context should use. By default, the default secure random number generator associated with this JVM will be used.
Parameters:
random - The secure random number generator which the SSL context should use, which may be null indicating that the default secure random number generator associated with this JVM will be used.
Returns:
This SSL context builder.

setTrustManager
Sets the trust manager which the SSL context should use. By default, no trust manager is specified indicating that only certificates signed by the authorities associated with this JVM will be accepted.
Parameters:
trustManager - The trust manager which the SSL context should use, which may be null indicating that only certificates signed by the authorities associated with this JVM will be accepted.
Returns:
This SSL context builder.
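
An added example, not part of the original Javadoc or the OpenDJ project's own code: it combines setProtocol and setTrustManager to build a context that trusts only a dedicated truststore, then checks which protocol versions the resulting SSLContext actually enables, since each protocol constant "may support other versions". The class name PinnedLdapTls, its method names and the truststore path parameter are hypothetical; the truststore is assumed to be in the JVM's default keystore format and the OpenDJ SDK is assumed to be on the classpath.

```java
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.forgerock.opendj.ldap.SSLContextBuilder;

public final class PinnedLdapTls {   // hypothetical helper class
    // Returns a trust manager backed only by the given truststore (JDK APIs only).
    static X509TrustManager trustManagerFrom(String path, char[] password)
            throws GeneralSecurityException, IOException {
        KeyStore store = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = Files.newInputStream(Paths.get(path))) {
            store.load(in, password);
        }
        TrustManagerFactory tmf =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(store);
        for (TrustManager tm : tmf.getTrustManagers()) {
            if (tm instanceof X509TrustManager) {
                return (X509TrustManager) tm;   // setTrustManager takes a single manager
            }
        }
        throw new GeneralSecurityException("no X509TrustManager for " + path);
    }

    // Builds a context that requests TLS 1.2 and trusts only the supplied store.
    static SSLContext build(String trustStorePath, char[] password)
            throws GeneralSecurityException, IOException {
        SSLContext ctx = new SSLContextBuilder()
                .setProtocol(SSLContextBuilder.PROTOCOL_TLS1_2)
                .setTrustManager(trustManagerFrom(trustStorePath, password))
                .getSSLContext();
        // The protocol name selects a context implementation; which versions it
        // enables depends on the provider and JVM settings, so fail closed here.
        for (String p : ctx.getDefaultSSLParameters().getProtocols()) {
            if (p.startsWith("SSL") || p.equals("TLSv1") || p.equals("TLSv1.1")) {
                throw new GeneralSecurityException("legacy protocol enabled: " + p);
            }
        }
        return ctx;
    }
}
```

The returned context can be passed to options.setSSLContext(...) as in the class overview example.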