Class Ssl
java.lang.Object
org.springframework.boot.web.server.Ssl
Simple server-independent abstraction for SSL configuration.
- Since:
- 2.0.0
- Author:
- Andy Wilkinson, Vladimir Tsanev, Stephane Nicoll, Scott Frederick
-
Nested Class Summary
Modifier and TypeClassDescriptionstatic enum
Client authentication types.static final record
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionstatic Ssl
Factory method to create anSsl
instance for a specific bundle name.Return the name of the SSL bundle to use.Return the location of the certificate in PEM format.Return the location of the private key for the certificate in PEM format.String[]
Return the supported SSL ciphers.Return Whether client authentication is not wanted ("none"), wanted ("want") or needed ("need").String[]
Return the enabled SSL protocols.Return the alias that identifies the key in the key store.Return the password used to access the key in the key store.Return the path to the key store that holds the SSL certificate (typically a jks file).Return the password used to access the key store.Return the provider for the key store.Return the type of the key store.Return the SSL protocol to use.Return the mapping of host names to SSL bundles for SNI configuration.Return the location of the trust certificate authority chain in PEM format.Return the location of the private key for the trust certificate in PEM format.Return the trust store that holds SSL certificates.Return the password used to access the trust store.Return the provider for the trust store.Return the type of the trust store.boolean
Return whether to enable SSL support.static boolean
Returns if SSL is enabled for the given instance.void
Set the name of the SSL bundle to use.void
setCertificate
(String certificate) void
setCertificatePrivateKey
(String certificatePrivateKey) void
setCiphers
(String[] ciphers) void
setClientAuth
(Ssl.ClientAuth clientAuth) void
setEnabled
(boolean enabled) void
setEnabledProtocols
(String[] enabledProtocols) void
setKeyAlias
(String keyAlias) void
setKeyPassword
(String keyPassword) void
setKeyStore
(String keyStore) void
setKeyStorePassword
(String keyStorePassword) void
setKeyStoreProvider
(String keyStoreProvider) void
setKeyStoreType
(String keyStoreType) void
setProtocol
(String protocol) void
setServerNameBundles
(List<Ssl.ServerNameSslBundle> serverNameBundles) void
setTrustCertificate
(String trustCertificate) void
setTrustCertificatePrivateKey
(String trustCertificatePrivateKey) void
setTrustStore
(String trustStore) void
setTrustStorePassword
(String trustStorePassword) void
setTrustStoreProvider
(String trustStoreProvider) void
setTrustStoreType
(String trustStoreType)
-
Constructor Details
-
Ssl
public Ssl()
-
-
Method Details
-
isEnabled
public boolean isEnabled()Return whether to enable SSL support.- Returns:
- whether to enable SSL support
-
setEnabled
public void setEnabled(boolean enabled) -
getBundle
Return the name of the SSL bundle to use.- Returns:
- the SSL bundle name
- Since:
- 3.1.0
-
setBundle
Set the name of the SSL bundle to use.- Parameters:
bundle
- the SSL bundle name- Since:
- 3.1.0
-
getClientAuth
Return Whether client authentication is not wanted ("none"), wanted ("want") or needed ("need"). Requires a trust store.- Returns:
- the
Ssl.ClientAuth
to use
-
setClientAuth
-
getCiphers
Return the supported SSL ciphers.- Returns:
- the supported SSL ciphers
-
setCiphers
-
getEnabledProtocols
Return the enabled SSL protocols.- Returns:
- the enabled SSL protocols.
-
setEnabledProtocols
-
getKeyAlias
Return the alias that identifies the key in the key store.- Returns:
- the key alias
-
setKeyAlias
-
getKeyPassword
Return the password used to access the key in the key store.- Returns:
- the key password
-
setKeyPassword
-
getKeyStore
Return the path to the key store that holds the SSL certificate (typically a jks file).- Returns:
- the path to the key store
-
setKeyStore
-
getKeyStorePassword
Return the password used to access the key store.- Returns:
- the key store password
-
setKeyStorePassword
-
getKeyStoreType
Return the type of the key store.- Returns:
- the key store type
-
setKeyStoreType
-
getKeyStoreProvider
Return the provider for the key store.- Returns:
- the key store provider
-
setKeyStoreProvider
-
getTrustStore
Return the trust store that holds SSL certificates.- Returns:
- the trust store
-
setTrustStore
-
getTrustStorePassword
Return the password used to access the trust store.- Returns:
- the trust store password
-
setTrustStorePassword
-
getTrustStoreType
Return the type of the trust store.- Returns:
- the trust store type
-
setTrustStoreType
-
getTrustStoreProvider
Return the provider for the trust store.- Returns:
- the trust store provider
-
setTrustStoreProvider
-
getCertificate
Return the location of the certificate in PEM format.- Returns:
- the certificate location
-
setCertificate
-
getCertificatePrivateKey
Return the location of the private key for the certificate in PEM format.- Returns:
- the location of the certificate private key
-
setCertificatePrivateKey
-
getTrustCertificate
Return the location of the trust certificate authority chain in PEM format.- Returns:
- the location of the trust certificate
-
setTrustCertificate
-
getTrustCertificatePrivateKey
Return the location of the private key for the trust certificate in PEM format.- Returns:
- the location of the trust certificate private key
-
setTrustCertificatePrivateKey
-
getProtocol
Return the SSL protocol to use.- Returns:
- the SSL protocol
-
setProtocol
-
isEnabled
Returns if SSL is enabled for the given instance.- Parameters:
ssl
- theSSL
instance ornull
- Returns:
true
if SSL is enabled- Since:
- 3.1.0
-
getServerNameBundles
Return the mapping of host names to SSL bundles for SNI configuration.- Returns:
- the host name to SSL bundle mapping
-
setServerNameBundles
-
forBundle
Factory method to create anSsl
instance for a specific bundle name.- Parameters:
bundle
- the name of the bundle- Returns:
- a new
Ssl
instance with the bundle set - Since:
- 3.1.0
-