Class OpenSSLUtil

java.lang.Object
org.apache.tomcat.util.net.SSLUtilBase
org.apache.tomcat.util.net.openssl.OpenSSLUtil
All Implemented Interfaces:
SSLUtil
public class OpenSSLUtil extends SSLUtilBase
OpenSSL implementation of SSL utility operations.

  • Constructor Details

    • OpenSSLUtil

      public OpenSSLUtil(SSLHostConfigCertificate certificate)
      Constructs an OpenSSLUtil for the given certificate.
      Parameters:
      certificate - The SSL host config certificate

  • Method Details

    • getLog

      protected Log getLog()
      Description copied from class: SSLUtilBase
      Returns the log for this utility.
      Specified by:
      getLog in class SSLUtilBase
      Returns:
      the log

    • getImplementedProtocols

      protected Set<String> getImplementedProtocols()
      Description copied from class: SSLUtilBase
      Returns the set of implemented SSL/TLS protocols.
      Specified by:
      getImplementedProtocols in class SSLUtilBase
      Returns:
      the implemented protocols

    • getImplementedCiphers

      protected Set<String> getImplementedCiphers()
      Description copied from class: SSLUtilBase
      Returns the set of implemented SSL/TLS ciphers.
      Specified by:
      getImplementedCiphers in class SSLUtilBase
      Returns:
      the implemented ciphers

    • isTls13RenegAuthAvailable

      protected boolean isTls13RenegAuthAvailable()
      Description copied from class: SSLUtilBase
      Returns whether TLS 1.3 renegotiation authentication is available.
      Specified by:
      isTls13RenegAuthAvailable in class SSLUtilBase
      Returns:
      true if TLS 1.3 renegotiation authentication is available

    • createSSLContextInternal

      public SSLContext createSSLContextInternal(List<String> negotiableProtocols) throws Exception
      Description copied from class: SSLUtilBase
      Creates an SSL context with the given negotiable protocols.
      Specified by:
      createSSLContextInternal in class SSLUtilBase
      Parameters:
      negotiableProtocols - The negotiable protocols
      Returns:
      the SSL context
      Throws:
      Exception - if creation fails

    • chooseKeyManager

      public static X509KeyManager chooseKeyManager(KeyManager[] managers, boolean throwOnMissing) throws Exception
      Chooses an X509 key manager from the array of key managers.
      Parameters:
      managers - The key managers to choose from
      throwOnMissing - Whether to throw if no key manager is found
      Returns:
      The chosen X509 key manager
      Throws:
      Exception - if no suitable key manager is found and throwOnMissing is true

    • getKeyManagers

      public KeyManager[] getKeyManagers() throws Exception
      Description copied from interface: SSLUtil
      Returns the key managers.
      Specified by:
      getKeyManagers in interface SSLUtil
      Overrides:
      getKeyManagers in class SSLUtilBase
      Returns:
      The key managers
      Throws:
      Exception - if an error occurs