Package COM.activesw.api.client

Class BrokerSSLConfigV2

java.lang.Object
COM.activesw.api.client.BrokerSSLConfigV2
public class BrokerSSLConfigV2 extends Object
This class is a data structure used to describe a broker's SSL configuration.

  • Constructor Details

    • BrokerSSLConfigV2

      public BrokerSSLConfigV2()
      Create an empty SSL config object

    • BrokerSSLConfigV2

      public BrokerSSLConfigV2(BrokerSSLConfigV2 source)

  • Method Details

    • getKeystore

      public String getKeystore()
      Get the SSL Keystore used by this configuration
      Returns:
      the SSL Keystore

    • setKeystore

      public void setKeystore(String newKeystore)
      Set the SSL Keystore used by this configuration. The newKeystore parameter must be the full path to the keystore file on the machine where the Broker Server is running.
      Parameters:
      newKeystore - path to keystore

    • getKeystorePassword

      public String getKeystorePassword()
      Returns the password for the keystore
      Returns:
      the password for the keystore

    • setKeystorePassword

      public void setKeystorePassword(String newPassword)
      Set the password for the keystore
      Parameters:
      newPassword - keystore password

    • getKeystoreType

      public BrokerSSLConfigV2.KeystoreType getKeystoreType()
      Return the type of the keystore file
      Returns:
      the keystore file type

    • setKeystoreType

      public void setKeystoreType(BrokerSSLConfigV2.KeystoreType newKeystoreType)
      Set the keystore file type.
      Parameters:
      newKeystoreType - the type of the keystore file

    • setKeystoreType

      public void setKeystoreType(String newKeystoreType) throws BrokerSSLConfigException
      Set the keystore file type. The type must be:
    • KEYSTORE_TYPE_PKCS12/code>
    • KEYSTORE_TYPE_PEM or
    • null

      If the type is null, then the default keystore type (KEYSTORE_TYPE_PKCS12) is used.

      • Parameters:
      newKeystoreType - the type of the keystore file
      Throws:
      BrokerSSLConfigException - if the keystore type is not valid

    • getTruststore

      public String getTruststore()
      Get the SSL Truststore used by this configuration
      Returns:
      the SSL Truststore

    • setTruststore

      public void setTruststore(String newTruststore)
      Set the SSL Truststore used by this configuration. The newTruststore parameter must be the full path to the truststore file on the machine where the Broker Server is running.
      Parameters:
      newTruststore - path to keystore

    • getTruststoreType

      public BrokerSSLConfigV2.TruststoreType getTruststoreType()
      Return the type of the truststore file
      Returns:
      the truststore file type

    • setTruststoreType

      public void setTruststoreType(BrokerSSLConfigV2.TruststoreType newTruststoreType)
      Set the truststore file type.
      Parameters:
      newTruststoreType - the type of the truststore file

    • setTruststoreType

      public void setTruststoreType(String newTruststoreType) throws BrokerSSLConfigException
      Set the truststore file type. The type must be:
    • TRUSTSTORE_TYPE_PEM/code>
    • TRUSTSTORE_TYPE_DIR or
    • null

      If the type is null, then the default truststore type (TRUSTSTORE_TYPE_PEM) is used.

      • Parameters:
      newTruststoreType - the type of the truststore file
      Throws:
      BrokerSSLConfigException - if the truststore type is not valid

    • getSslProtocol

      public BrokerSSLConfigV2.SSLProtocol getSslProtocol()
      Get the current SSL Protocols allowed
      Returns:
      the current SSL protocols allowed with this configuration

    • setSslProtocol

      public void setSslProtocol(String newSslProtocol) throws BrokerSSLConfigException
      Set the SSL protocols that this configuration allows. The allowed values are:
    • SSL_PROTOCOL_ALL
    • SSL_PROTOCOL_SSLV3 or
    • SSL_PROTOCOL_TLSV1 or
    • null

      If the type is null, then the default SSL protocol type (SSL_PROTOCOL_ALL) is used.

      SSL_PROTOCOL_ALL allows the use of either SSLv3 or TLSv1. It does not allow SSLv2 or earlier.

      • Parameters:
      newSslProtocol - the protocols to allow
      Throws:
      BrokerSSLConfigException - if the specified protocol is not valid

    • getCrl

      public String getCrl()
      Get the SSL Crl used by this configuration
      Returns:
      the path to the SSL CRL file used by this configuration.

    • setCrl

      public void setCrl(String crl)
      Set the SSL Crl used by this configuration. The crl parameter must be the full path to the crl file on the machine where the Broker Server is running.
      Parameters:
      crl - path to crl

    • getCrlType

      public BrokerSSLConfigV2.CRLType getCrlType()
      Return the type of the crl file
      Returns:
      the crl file type

    • setCrlType

      public void setCrlType(String crlType) throws BrokerSSLConfigException
      Set the crl file type. The type must be:
    • PEM
      • ,
    • DER
      •

      If the crl type is null, then the default crl type (PEM) is used.

      Parameters:
      crlType - the type of the crl file
      Throws:
      BrokerSSLConfigException - if the crl type is not valid

    • getCipherSuites

      public String getCipherSuites()
      Return the current cipher suites specification for this configuration
      Returns:
      the current cipher suites string

    • setCipherSuites

      public void setCipherSuites(String newCipherSuites)
      Specify the cipher suites to allow with this configuration.

      The string must be in OpenSSL format but is not checked by the API.

      Parameters:
      newCipherSuites - the cipher suite specification

    • getVerifyDepth

      public int getVerifyDepth()
      Get the number of CA certificates in a verification chain to check. If the certificate chain exceeds this number, then the connection is rejected.
      Returns:
      the current maximum number

    • setVerifyDepth

      public void setVerifyDepth(int newVerifyDepth) throws BrokerSSLConfigException
      Set the maximum number of CA certificates to verify in a certificate chain.

      The default is 9.

      Parameters:
      newVerifyDepth - the max number of certificates to verify
      Throws:
      BrokerSSLConfigException - if the specified number is less than zero

    • equals

      public boolean equals(Object sslConfig)
      Overrides:
      equals in class Object

    • hashCode

      public int hashCode()
      Overrides:
      hashCode in class Object

    • toString

      public String toString(int indent_level)
      Convert to a string. The "indent_level" is the number of 4-space indents that the output should be generated for.