Class JSSEHelper
- java.lang.Object
- 
- com.ibm.websphere.ssl.JSSEHelper
 
- 
 public class JSSEHelper extends java.lang.ObjectThis class is for components and applications to utilize the SSL configuration framework for selecting SSL configurations and turning them into SSL objects such as SSLContext, Properties, URLStreamHandlers, and SocketFactories. - Since:
- WAS 6.1
 
- 
- 
Field SummaryFields Modifier and Type Field Description static java.lang.StringCONNECTION_INFO_CERT_MAPPING_HOSTProperty used in the connection information Map to define the host which is being connected to outbound connections.static java.lang.StringCONNECTION_INFO_DIRECTIONVariable used for the connection information to determine SSLContext validation rules.static java.lang.StringCONNECTION_INFO_ENDPOINT_NAMEProperty used in the connection information Map to define the endpoint.static java.lang.StringCONNECTION_INFO_IS_WEB_CONTAINER_INBOUNDProperty used to determine if the connection is a Web Container inbound connection.static java.lang.StringCONNECTION_INFO_REMOTE_HOSTProperty used in the connection information Map to define the remote host which is being connected to outbound connections.static java.lang.StringCONNECTION_INFO_REMOTE_PORTProperty used in the connection information Map to define the remote port which is being connected to outbound connections.static java.lang.StringDIRECTION_INBOUNDVariable used when the direction of the SSLContext is inbound.static java.lang.StringDIRECTION_OUTBOUNDVariable used when the direction of the SSLContext is outbound.static java.lang.StringDIRECTION_UNKNOWNVariable used when the direction of the SSLContext is not currently known.static java.lang.StringENDPOINT_ADMIN_IPCEndPoint name when using IPC protocol from the IPC connector for outbound connections.static java.lang.StringENDPOINT_ADMIN_SOAPEndPoint name when using SOAP protocol from the SOAP connector for outbound connections.static java.lang.StringENDPOINT_BUS_CLIENTEndPoint name when using BUS_CLIENT protocol for outbound connections.static java.lang.StringENDPOINT_BUS_TO_BUSEndPoint name when using ENDPOINT_BUS_TO_BUS protocol for outbound connections.static java.lang.StringENDPOINT_BUS_TO_WEBSPHERE_MQEndPoint name when using ENDPOINT_BUS_TO_WEBSPHERE_MQ protocol for outbound connections.static java.lang.StringENDPOINT_CLIENT_TO_WEBSPHERE_MQEndPoint name when using ENDPOINT_CLIENT_TO_WEBSPHERE_MQ protocol for outbound connections.static java.lang.StringENDPOINT_HTTPEndPoint name when using HTTP protocol for outbound connections.static java.lang.StringENDPOINT_IIOPEndPoint name when using IIOP protocol for outbound connections.static java.lang.StringENDPOINT_JMSEndPoint name when using JMS protocol for outbound connections.static java.lang.StringENDPOINT_LDAPEndPoint name when using LDAP (JNDI) protocol for outbound connections.static java.lang.StringENDPOINT_SIPEndPoint name when using SIP protocol for outbound connections.
 - 
Constructor SummaryConstructors Constructor Description JSSEHelper()Constructor.
 - 
Method SummaryAll Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description voidderegisterSSLConfigChangeListener(SSLConfigChangeListener listener)This method removes the specific SSLConfigChangeListener from the list of active listeners.booleandoesSSLConfigExist(java.lang.String sslAliasName)This method checks to ensure the SSL configuration name is known.java.util.Map<java.lang.String,java.lang.Object>getInboundConnectionInfo()This method is used to obtain information about the connection on the thread of execution.static JSSEHelpergetInstance()This method returns an instance of the JSSEHelper class.java.util.Map<java.lang.String,java.lang.Object>getOutboundConnectionInfo()This method is used to obtain information about the connection on the thread of execution.java.util.PropertiesgetProperties(java.lang.String sslAliasName)This method returns the SSL properties given a specific SSL configuration alias.java.util.PropertiesgetProperties(java.lang.String sslAliasName, java.util.Map<java.lang.String,java.lang.Object> connectionInfo, SSLConfigChangeListener listener)This method returns the effective SSL properties object for use by an SSL application or component.java.util.PropertiesgetProperties(java.lang.String sslAliasName, java.util.Map<java.lang.String,java.lang.Object> connectionInfo, SSLConfigChangeListener listener, boolean tryDefault)LikegetProperties(String, Map, SSLConfigChangeListener), except failing over to the default configuration is a choice.javax.net.ssl.SSLContextgetSSLContext(java.lang.String sslAliasName, java.util.Map<java.lang.String,java.lang.Object> connectionInfo, SSLConfigChangeListener listener)This method creates an SSLContext for use by an SSL application or component.javax.net.ssl.SSLContextgetSSLContext(java.lang.String sslAliasName, java.util.Map<java.lang.String,java.lang.Object> connectionInfo, SSLConfigChangeListener listener, boolean tryDefault)LikegetSSLContext(String, Map, SSLConfigChangeListener), failing over to the default configuration is a choice.javax.net.ssl.SSLContextgetSSLContext(java.util.Map<java.lang.String,java.lang.Object> connectionInfo, java.util.Properties props)This method creates an SSLContext given the SSL properties needed to create the SSLContext.java.util.PropertiesgetSSLPropertiesOnThread()This method allows the retrieving of SSL properties on the thread of execution.javax.net.ssl.SSLServerSocketFactorygetSSLServerSocketFactory(java.lang.String sslAliasName, java.util.Map<java.lang.String,java.lang.Object> connectionInfo, SSLConfigChangeListener listener)This method creates an SSLSocketFactory for use by an SSL application or component.javax.net.ssl.SSLServerSocketFactorygetSSLServerSocketFactory(java.util.Properties props)This method creates an SSLServerSocketFactory given the SSL configuration properties specified.javax.net.ssl.SSLSocketFactorygetSSLSocketFactory(java.lang.String sslAliasName, java.util.Map<java.lang.String,java.lang.Object> connectionInfo, SSLConfigChangeListener listener)This method creates an SSLSocketFactory for use by an SSL application or component.javax.net.ssl.SSLSocketFactorygetSSLSocketFactory(java.util.Map<java.lang.String,java.lang.Object> connectionInfo, java.util.Properties props)This method creates an SSLSocketFactory for use by an SSL application or component.java.net.URLStreamHandlergetURLStreamHandler(java.lang.String sslAliasName, java.util.Map<java.lang.String,java.lang.Object> connectionInfo, SSLConfigChangeListener listener)This method creates a URLStreamHandler for use by an SSL application or component.java.net.URLStreamHandlergetURLStreamHandler(java.util.Properties props)This method creates a URLStreamHandler specific SSL properties.voidregisterSSLConfigChangeListener(java.lang.String sslAliasName, java.util.Map<java.lang.String,java.lang.Object> connectionInfo, SSLConfigChangeListener listener)This method registers an SSLConfigChangeListener for the specific SSL configuration chosen based upon the parameters passed in using the precedence logic described in the JavaDoc for the getSSLContext API.voidreinitializeClientDefaultSSLProperties()This method is not implemented.voidsetInboundConnectionInfo(java.util.Map<java.lang.String,java.lang.Object> connectionInfo)This method sets information about the connection on the thread of execution.voidsetOutboundConnectionInfo(java.util.Map<java.lang.String,java.lang.Object> connectionInfo)This method sets information about the connection on the thread of execution.voidsetSSLPropertiesOnThread(java.util.Properties props)This has the highest precedence in terms of selection rules.voidvalidateSSLProperties(java.util.Properties props)This method attempts to create an SSLContext using the properties provided.
 
- 
- 
- 
Field Detail- 
DIRECTION_INBOUNDpublic static final java.lang.String DIRECTION_INBOUND Variable used when the direction of the SSLContext is inbound. This is associated to receiving requests or server-side sockets, etc. This helps with validation of the required SSL attributes. - See Also:
- Constant Field Values
 
 - 
DIRECTION_OUTBOUNDpublic static final java.lang.String DIRECTION_OUTBOUND Variable used when the direction of the SSLContext is outbound. This is associated to sending requests or client-side sockets, etc. This helps with validation of the required SSL attributes. - See Also:
- Constant Field Values
 
 - 
DIRECTION_UNKNOWNpublic static final java.lang.String DIRECTION_UNKNOWN Variable used when the direction of the SSLContext is not currently known. This will require that a TrustStore and KeyStore are both specified. - See Also:
- Constant Field Values
 
 - 
ENDPOINT_IIOPpublic static final java.lang.String ENDPOINT_IIOP EndPoint name when using IIOP protocol for outbound connections. The IIOP endpoint attribute is not used in Liberty. This attribute is available for compatibility purposes only. - See Also:
- Constant Field Values
 
 - 
ENDPOINT_HTTPpublic static final java.lang.String ENDPOINT_HTTP EndPoint name when using HTTP protocol for outbound connections. The HTTP endpoint attribute is not used Liberty. This attribute is available for compatibility purposes only. - See Also:
- Constant Field Values
 
 - 
ENDPOINT_SIPpublic static final java.lang.String ENDPOINT_SIP EndPoint name when using SIP protocol for outbound connections. The SIP endpoint attribute is not used Liberty. This attribute is available for compatibility purposes only. - See Also:
- Constant Field Values
 
 - 
ENDPOINT_JMSpublic static final java.lang.String ENDPOINT_JMS EndPoint name when using JMS protocol for outbound connections. The JMS endpoint attribute is not used in Liberty. This attribute is available for compatibility purposes only. - See Also:
- Constant Field Values
 
 - 
ENDPOINT_BUS_CLIENTpublic static final java.lang.String ENDPOINT_BUS_CLIENT EndPoint name when using BUS_CLIENT protocol for outbound connections. You cannot use the BUS_CLIENT endpoint attribute in Liberty. This attribute is available for compatibility purposes only. - See Also:
- Constant Field Values
 
 - 
ENDPOINT_BUS_TO_WEBSPHERE_MQpublic static final java.lang.String ENDPOINT_BUS_TO_WEBSPHERE_MQ EndPoint name when using ENDPOINT_BUS_TO_WEBSPHERE_MQ protocol for outbound connections. The ENDPOINT_BUS_TO_WEBSPHERE_MQ endpoint attribute is not in Liberty. This attribute is available for compatibility purposes only. - See Also:
- Constant Field Values
 
 - 
ENDPOINT_BUS_TO_BUSpublic static final java.lang.String ENDPOINT_BUS_TO_BUS EndPoint name when using ENDPOINT_BUS_TO_BUS protocol for outbound connections. The ENDPOINT_BUS_TO_BUS endpoint attribute is not used in Liberty. This attribute is available for compatibility purposes only. - See Also:
- Constant Field Values
 
 - 
ENDPOINT_CLIENT_TO_WEBSPHERE_MQpublic static final java.lang.String ENDPOINT_CLIENT_TO_WEBSPHERE_MQ EndPoint name when using ENDPOINT_CLIENT_TO_WEBSPHERE_MQ protocol for outbound connections. The ENDPOINT_CLIENT_TO_WEBSPHERE_MQ endpoint attribute is not used in Liberty. This attribute is available for compatibility purposes only. - See Also:
- Constant Field Values
 
 - 
ENDPOINT_LDAPpublic static final java.lang.String ENDPOINT_LDAP EndPoint name when using LDAP (JNDI) protocol for outbound connections. The LDAP endpoint attribute is not used in Liberty. This attribute is available for compatibility purposes only. - See Also:
- Constant Field Values
 
 - 
ENDPOINT_ADMIN_SOAPpublic static final java.lang.String ENDPOINT_ADMIN_SOAP EndPoint name when using SOAP protocol from the SOAP connector for outbound connections. The SOAP endpoint attribute is not used in Liberty. This attribute is available for compatibility purposes only. - See Also:
- Constant Field Values
 
 - 
ENDPOINT_ADMIN_IPCpublic static final java.lang.String ENDPOINT_ADMIN_IPC EndPoint name when using IPC protocol from the IPC connector for outbound connections. The IPC endpoint attribute is not used in Liberty. This attribute is available for compatibility purposes only. - See Also:
- Constant Field Values
 
 - 
CONNECTION_INFO_DIRECTIONpublic static final java.lang.String CONNECTION_INFO_DIRECTION Variable used for the connection information to determine SSLContext validation rules. Connection information mapping is not used in Liberty. This variable is available for compatibility purposes only. - See Also:
- Constant Field Values
 
 - 
CONNECTION_INFO_ENDPOINT_NAMEpublic static final java.lang.String CONNECTION_INFO_ENDPOINT_NAME Property used in the connection information Map to define the endpoint. Connection information mapping is not used in Liberty. This property is available for compatibility purposes only. - See Also:
- Constant Field Values
 
 - 
CONNECTION_INFO_REMOTE_HOSTpublic static final java.lang.String CONNECTION_INFO_REMOTE_HOST Property used in the connection information Map to define the remote host which is being connected to outbound connections. Connection information mapping is not used in Liberty. This property is available for compatibility purposes only. - See Also:
- Constant Field Values
 
 - 
CONNECTION_INFO_REMOTE_PORTpublic static final java.lang.String CONNECTION_INFO_REMOTE_PORT Property used in the connection information Map to define the remote port which is being connected to outbound connections. Connection information mapping is not used in Liberty. This property is available for compatibility purposes only. - See Also:
- Constant Field Values
 
 - 
CONNECTION_INFO_CERT_MAPPING_HOSTpublic static final java.lang.String CONNECTION_INFO_CERT_MAPPING_HOST Property used in the connection information Map to define the host which is being connected to outbound connections. Connection information mapping is not used in Liberty. This property is available for compatibility purposes only. - See Also:
- Constant Field Values
 
 - 
CONNECTION_INFO_IS_WEB_CONTAINER_INBOUNDpublic static final java.lang.String CONNECTION_INFO_IS_WEB_CONTAINER_INBOUND Property used to determine if the connection is a Web Container inbound connection. - See Also:
- Constant Field Values
 
 
- 
 - 
Method Detail- 
getInstancepublic static JSSEHelper getInstance() This method returns an instance of the JSSEHelper class. This is the proper way to get a reference of this API class. - Returns:
- JSSEHelper
 
 - 
setSSLPropertiesOnThreadpublic void setSSLPropertiesOnThread(java.util.Properties props) This has the highest precedence in terms of selection rules. When the SSL runtime finds SSL properties on the thread, this should be used before anything else in the selection process. Using SSL properties from the thread is not support in the Liberty profile. This method exists for compatibility purposes. It's important to clear the thread after use, especially where thread pools are used. It is not cleared up automatically. Pass in "null" to this API to clear it. When Java 2 Security is enabled, access to call this method requires WebSphereRuntimePermission "setSSLConfig" to be granted. - Parameters:
- props- The SSL properties to set on the thread.
 
 - 
getSSLPropertiesOnThreadpublic java.util.Properties getSSLPropertiesOnThread() This method allows the retrieving of SSL properties on the thread of execution. This can be used for verification purposes or to communicate SSL properties among components running on the same thread. Getting SSL properties form the thread is not used in Liberty. This method exits for compatibility purposes only. When Java 2 Security is enabled, access to call this method requires WebSphereRuntimePermission "getSSLConfig" to be granted. - Returns:
- Properties
 
 - 
getPropertiespublic java.util.Properties getProperties(java.lang.String sslAliasName) throws SSLExceptionThis method returns the SSL properties given a specific SSL configuration alias. When Java 2 Security is enabled, access to call this method requires WebSphereRuntimePermission "getSSLConfig" to be granted. - Parameters:
- sslAliasName- - Name of the SSL configuration to get properties for.
- Returns:
- Properties
- Throws:
- SSLException
 
 - 
getSSLContextpublic javax.net.ssl.SSLContext getSSLContext(java.util.Map<java.lang.String,java.lang.Object> connectionInfo, java.util.Properties props) throws SSLExceptionThis method creates an SSLContext given the SSL properties needed to create the SSLContext. The properties can be retrieved from the SSL configuration using the getProperties API in this class. - Parameters:
- connectionInfo- - contains information about the connection direction, host, port, etc.
- props- - the SSL properties
- Returns:
- SSLContext
- Throws:
- SSLException
 
 - 
getURLStreamHandlerpublic java.net.URLStreamHandler getURLStreamHandler(java.util.Properties props) throws SSLExceptionThis method creates a URLStreamHandler specific SSL properties. The URLStreamHandler is used for outbound URL connections. - Parameters:
- props- - the SSL properties (connectionInfo derived from URL)
- Returns:
- URLStreamHandler
- Throws:
- SSLException
 
 - 
getSSLServerSocketFactorypublic javax.net.ssl.SSLServerSocketFactory getSSLServerSocketFactory(java.util.Properties props) throws SSLExceptionThis method creates an SSLServerSocketFactory given the SSL configuration properties specified. The properties can be retrieved from the SSL configuration using the getProperties API in this class. - Parameters:
- props-
- Returns:
- SSLServerSocketFactory
- Throws:
- SSLException
 
 - 
getSSLSocketFactorypublic javax.net.ssl.SSLSocketFactory getSSLSocketFactory(java.util.Map<java.lang.String,java.lang.Object> connectionInfo, java.util.Properties props) throws SSLExceptionThis method creates an SSLSocketFactory for use by an SSL application or component. Precedence logic will determine which parameters are used for creating the SSLSocketFactory. See the JavaDoc for getSSLContext with the same parameters for more info on the behavior of this API. When Java 2 Security is enabled, access to call this method requires WebSphereRuntimePermission "getSSLConfig" to be granted. - Parameters:
- connectionInfo- - This refers to the remote connection information. The current properties known by the runtime include:- Example OUTBOUND case (endpoint refers more to protocol used since outbound names are not well-known): - com.ibm.ssl.remoteHost="hostname.ibm.com"
- com.ibm.ssl.remotePort="9809"
- com.ibm.ssl.direction="outbound"
 - Example INBOUND case (endpoint name matches serverindex endpoint): It's highly recommended to supply these properties when possible.- com.ibm.ssl.direction="inbound"
- props- Properties used to configure the SSL socket factory. See- Constantsfor valid properties.
- Returns:
- SSLSocketFactory
- Throws:
- SSLException
 
 - 
getSSLContextpublic javax.net.ssl.SSLContext getSSLContext(java.lang.String sslAliasName, java.util.Map<java.lang.String,java.lang.Object> connectionInfo, SSLConfigChangeListener listener) throws SSLExceptionThis method creates an SSLContext for use by an SSL application or component. Precedence logic will determine which parameters are used for creating the SSLContext. The selection precedence rules are: - Direct - The sslAliasName parameter, when specified, will be used to choose the alias directly from the SSL configurations.
- Dynamic - The remoteHost/remotePort String(s) will contain the target host, or host and port. A SSL configuration to be use for an outbound connection will be selected based on the host or host and port configured.
 When Java 2 Security is enabled, access to call this method requires WebSphereRuntimePermission "getSSLConfig" to be granted. - Parameters:
- sslAliasName- - Used in direct selection. The alias name of a specific SSL configuration (optional). You can pass in "null" here. If sslAliasName is provided but does not exist it will check connection information for a match. Then look for a default if no match with the connection information.
- connectionInfo- - This refers to the remote connection information. The current properties known by the runtime include:- Example OUTBOUND case (endpoint refers more to protocol used since outbound names are not well-known): - com.ibm.ssl.remoteHost="hostname.ibm.com"
- com.ibm.ssl.remotePort="9809"
- com.ibm.ssl.direction="outbound"
 - Example INBOUND case (endpoint name matches serverindex endpoint): It's highly recommended to supply these properties when possible.- com.ibm.ssl.direction="inbound"
- listener- - This is used to notify the caller of this API that the SSL configuration changed in the runtime. It's up to the caller to decide if they want to call this API again to get the new SSLContext for the configuration. Passing in NULL indicates no notification is desired. See the com.ibm.websphere.ssl.SSLConfigChangeListener interface for more information.
- Returns:
- SSLContext
- Throws:
- SSLException
 
 - 
getSSLContextpublic javax.net.ssl.SSLContext getSSLContext(java.lang.String sslAliasName, java.util.Map<java.lang.String,java.lang.Object> connectionInfo, SSLConfigChangeListener listener, boolean tryDefault) throws SSLException, SSLConfigurationNotAvailableExceptionLikegetSSLContext(String, Map, SSLConfigChangeListener), failing over to the default configuration is a choice.- Parameters:
- sslAliasName- - Used in direct selection. The alias name of a specific SSL configuration (optional). You can pass in "null" here.
- connectionInfo- - This refers to the remote connection information. The current properties known by the runtime include:- Example OUTBOUND case (endpoint refers more to protocol used since outbound names are not well-known): - com.ibm.ssl.remoteHost="hostname.ibm.com"
- com.ibm.ssl.remotePort="9809"
- com.ibm.ssl.direction="outbound"
 - Example INBOUND case (endpoint name matches serverindex endpoint): It's highly recommended to supply these properties when possible.- com.ibm.ssl.direction="inbound"
- listener- - This is used to notify the caller of this API that the SSL configuration changed in the runtime. It's up to the caller to decide if they want to call this API again to get the new SSLContext for the configuration. Passing in NULL indicates no notification is desired. See the com.ibm.websphere.ssl.SSLConfigChangeListener interface for more information.
- tryDefault- if the specified alias is not available,- trueindicates the default configuration should be tried.
- Returns:
- Throws:
- SSLException
- SSLConfigurationNotAvailableException
 
 - 
getURLStreamHandlerpublic java.net.URLStreamHandler getURLStreamHandler(java.lang.String sslAliasName, java.util.Map<java.lang.String,java.lang.Object> connectionInfo, SSLConfigChangeListener listener) throws SSLExceptionThis method creates a URLStreamHandler for use by an SSL application or component. Precedence logic will determine which parameters are used for creating the URLStreamHandler. See the JavaDoc for getSSLContext with the same parameters for more info on the behavior of this API. When Java 2 Security is enabled, access to call this method requires WebSphereRuntimePermission "getSSLConfig" to be granted. - Parameters:
- sslAliasName-
- connectionInfo-
- listener-
- Returns:
- URLStreamHandler
- Throws:
- SSLException
 
 - 
getSSLSocketFactorypublic javax.net.ssl.SSLSocketFactory getSSLSocketFactory(java.lang.String sslAliasName, java.util.Map<java.lang.String,java.lang.Object> connectionInfo, SSLConfigChangeListener listener) throws SSLExceptionThis method creates an SSLSocketFactory for use by an SSL application or component. Precedence logic will determine which parameters are used for creating the SSLSocketFactory. See the JavaDoc for getSSLContext with the same parameters for more info on the behavior of this API. When Java 2 Security is enabled, access to call this method requires WebSphereRuntimePermission "getSSLConfig" to be granted. - Parameters:
- sslAliasName- - Used in direct selection. The alias name of a specific SSL configuration (optional). You can pass in "null" here. If sslAliasName is provided but does not exist it will check connection information for a match. Then look for a default if no match with the connection information.
- connectionInfo- - This refers to the remote connection information. The current properties known by the runtime include:- Example OUTBOUND case (endpoint refers more to protocol used since outbound names are not well-known): - com.ibm.ssl.remoteHost="hostname.ibm.com"
- com.ibm.ssl.remotePort="9809"
- com.ibm.ssl.direction="outbound"
 
- listener- - This is used to notify the caller of this API that the SSL configuration changed in the runtime. It's up to the caller to decide if they want to call this API again to get the new SSLContext for the configuration. Passing in NULL indicates no notification is desired. See the com.ibm.websphere.ssl.SSLConfigChangeListener interface for more information.
- Returns:
- SSLSocketFactory
- Throws:
- SSLException
 
 - 
getSSLServerSocketFactorypublic javax.net.ssl.SSLServerSocketFactory getSSLServerSocketFactory(java.lang.String sslAliasName, java.util.Map<java.lang.String,java.lang.Object> connectionInfo, SSLConfigChangeListener listener) throws SSLExceptionThis method creates an SSLSocketFactory for use by an SSL application or component. Precedence logic will determine which parameters are used for creating the SSLSocketFactory. See the JavaDoc for getSSLContext with the same parameters for more info on the behavior of this API. When Java 2 Security is enabled, access to call this method requires WebSphereRuntimePermission "getSSLConfig" to be granted. - Parameters:
- sslAliasName- - Used in direct selection. The alias name of a specific SSL configuration (optional). You can pass in "null" here. If sslAliasName is provided but does not exist it will check connection information for a match. Then look for a default if no match with the connection information.
- connectionInfo- - This refers to the remote connection information. The current properties known by the runtime include:- Example INBOUND case (endpoint name matches serverindex endpoint): It's highly recommended to supply these properties when possible.- com.ibm.ssl.direction="inbound"
- listener- - This is used to notify the caller of this API that the SSL configuration changed in the runtime. It's up to the caller to decide if they want to call this API again to get the new SSLContext for the configuration. Passing in NULL indicates no notification is desired. See the com.ibm.websphere.ssl.SSLConfigChangeListener interface for more information.
- Returns:
- SSLServerSocketFactory
- Throws:
- SSLException
 
 - 
getPropertiespublic java.util.Properties getProperties(java.lang.String sslAliasName, java.util.Map<java.lang.String,java.lang.Object> connectionInfo, SSLConfigChangeListener listener) throws SSLExceptionThis method returns the effective SSL properties object for use by an SSL application or component. When Java 2 Security is enabled, access to call this method requires WebSphereRuntimePermission "getSSLConfig" to be granted. - Parameters:
- sslAliasName- - Used in direct selection. The alias name of a specific SSL configuration (optional). You can pass in "null" here. If sslAliasName is provided but does not exist it will check connection information for a match. Then look for a default if no match with the connection information.
- connectionInfo- - This refers to the remote connection information. The current properties known by the runtime include:- Example OUTBOUND case (endpoint refers more to protocol used since outbound names are not well-known): - com.ibm.ssl.remoteHost="hostname.ibm.com"
- com.ibm.ssl.remotePort="9809"
- com.ibm.ssl.direction="outbound"
 - Example INBOUND case (endpoint name matches serverindex endpoint): It's highly recommended to supply these properties when possible.- com.ibm.ssl.direction="inbound"
- listener- - This is used to notify the caller of this API that the SSL configuration changed in the runtime. It's up to the caller to decide if they want to call this API again to get the new SSLContext for the configuration. Passing in NULL indicates no notification is desired. See the com.ibm.websphere.ssl.SSLConfigChangeListener interface for more information.
- Returns:
- Properties for the requested sslAliasName. If the requested sslAliasName is not avialable, the default properties will be returned. If the default properties are not available, null is returned.
- Throws:
- SSLException
 
 - 
getPropertiespublic java.util.Properties getProperties(java.lang.String sslAliasName, java.util.Map<java.lang.String,java.lang.Object> connectionInfo, SSLConfigChangeListener listener, boolean tryDefault) throws SSLExceptionLikegetProperties(String, Map, SSLConfigChangeListener), except failing over to the default configuration is a choice.- Parameters:
- sslAliasName- - Used in direct selection. The alias name of a specific SSL configuration (optional). You can pass in "null" here. If sslAliasName is provided but does not exist it will check connection information for a match. Then look for a default if no match with the connection information.
- connectionInfo- - This refers to the remote connection information. The current properties known by the runtime include:- Example OUTBOUND case (endpoint refers more to protocol used since outbound names are not well-known): - com.ibm.ssl.remoteHost="hostname.ibm.com"
- com.ibm.ssl.remotePort="9809"
- com.ibm.ssl.direction="outbound"
 - Example INBOUND case (endpoint name matches serverindex endpoint): It's highly recommended to supply these properties when possible.- com.ibm.ssl.direction="inbound"
- listener- - This is used to notify the caller of this API that the SSL configuration changed in the runtime. It's up to the caller to decide if they want to call this API again to get the new SSLContext for the configuration. Passing in NULL indicates no notification is desired. See the com.ibm.websphere.ssl.SSLConfigChangeListener interface for more information.
- tryDefault- if the specified alias is not available,- trueindicates the default configuration should be tried.
- Returns:
- Properties for the requested sslAliasName. If the requested sslAliasName properties are not available, null is returned.
- Throws:
- SSLException
 
 - 
registerSSLConfigChangeListenerpublic void registerSSLConfigChangeListener(java.lang.String sslAliasName, java.util.Map<java.lang.String,java.lang.Object> connectionInfo, SSLConfigChangeListener listener) throws SSLExceptionThis method registers an SSLConfigChangeListener for the specific SSL configuration chosen based upon the parameters passed in using the precedence logic described in the JavaDoc for the getSSLContext API. The SSLConfigChangeListener must be deregistered by deregisterSSLConfigChangeListener when it is no longer needed. - Parameters:
- sslAliasName-
- connectionInfo-
- listener-
- Throws:
- SSLException
 
 - 
deregisterSSLConfigChangeListenerpublic void deregisterSSLConfigChangeListener(SSLConfigChangeListener listener) throws SSLException This method removes the specific SSLConfigChangeListener from the list of active listeners. - Parameters:
- listener-
- Throws:
- SSLException
 
 - 
doesSSLConfigExistpublic boolean doesSSLConfigExist(java.lang.String sslAliasName) This method checks to ensure the SSL configuration name is known. - Parameters:
- sslAliasName- - Name of the SSL configuration to check to see if it exits.
- Returns:
- boolean
 
 - 
reinitializeClientDefaultSSLPropertiespublic void reinitializeClientDefaultSSLProperties() This method is not implemented. 
 - 
validateSSLPropertiespublic void validateSSLProperties(java.util.Properties props) throws SSLExceptionThis method attempts to create an SSLContext using the properties provided. It is assumed the API is called on the node where the KeyStore information specified in the properties resides. - Parameters:
- props- The SSL properties to validate.
- Throws:
- SSLException
 
 - 
getInboundConnectionInfopublic java.util.Map<java.lang.String,java.lang.Object> getInboundConnectionInfo() This method is used to obtain information about the connection on the thread of execution. This connection information can then be used from Custom Key and Trust Managers. - Returns:
- Map
 
 - 
setInboundConnectionInfopublic void setInboundConnectionInfo(java.util.Map<java.lang.String,java.lang.Object> connectionInfo) This method sets information about the connection on the thread of execution. This connection information can then be used from Custom Key and Trust Managers. This method is invoked prior to an SSL handshake. It's important to clear the thread after use, especially where thread pools are used. It is not cleared up automatically. Pass in "null" to this API to clear it. - Parameters:
- connectionInfo- - This refers to the inbound connection information.
 
 - 
getOutboundConnectionInfopublic java.util.Map<java.lang.String,java.lang.Object> getOutboundConnectionInfo() This method is used to obtain information about the connection on the thread of execution. This connection information can then be used to set the connection information prior to creating and SSL socket. - Returns:
- Map
 
 - 
setOutboundConnectionInfopublic void setOutboundConnectionInfo(java.util.Map<java.lang.String,java.lang.Object> connectionInfo) This method sets information about the connection on the thread of execution. This method is invoked prior to creating an SSL socket. It's important to clear the thread after use, especially where thread pools are used. It is not cleared up automatically. Pass in "null" to this API to clear it. - Parameters:
- connectionInfo-
 
 
- 
 
-