SslDomain (Qpid Proton-J API)

All Known Subinterfaces:

ProtonJSslDomain

All Known Implementing Classes:

SslDomainImpl
```
public interface SslDomain
```
I store the details used to create SSL sessions.

Nested Class Summary

Nested Classes
Modifier and Type	Interface and Description
`static class`	`SslDomain.Factory`
`static class`	`SslDomain.Mode` Determines whether the endpoint acts as a client or server.
`static class`	`SslDomain.VerifyMode` Determines the level of peer validation.

Method Summary

All Methods Instance Methods Abstract Methods
Modifier and Type	Method and Description
`boolean`	`allowUnsecuredClient()`
`void`	`allowUnsecuredClient(boolean allowUnsecured)` Permit a server to accept connection requests from non-SSL clients.
`java.lang.String`	`getCertificateFile()`
`SslDomain.Mode`	`getMode()`
`SslDomain.VerifyMode`	`getPeerAuthentication()`
`java.lang.String`	`getPrivateKeyFile()`
`java.lang.String`	`getPrivateKeyPassword()`
`javax.net.ssl.SSLContext`	`getSslContext()` Returns the SSLContext set by `setSslContext(SSLContext)`.
`java.lang.String`	`getTrustedCaDb()`
`void`	`init(SslDomain.Mode mode)` Initialize the ssl domain object.
`void`	`setCredentials(java.lang.String certificateFile, java.lang.String privateKeyFile, java.lang.String password)` Set the certificate that identifies the local node to the remote.
`void`	`setPeerAuthentication(SslDomain.VerifyMode mode)` Configure the level of verification used on the peer certificate.
`void`	`setSslContext(javax.net.ssl.SSLContext sslContext)` Sets an SSLContext for use when establishing SSL transport.
`void`	`setTrustedCaDb(java.lang.String certificateDb)` Configure the set of trusted CA certificates used by this node to verify peers.

- Method Detail
  - init
```
void init(SslDomain.Mode mode)
```
    Initialize the ssl domain object. An SSL object be either an SSL server or an SSL client. It cannot be both. Those transports that will be used to accept incoming connection requests must be configured as an SSL server. Those transports that will be used to initiate outbound connections must be configured as an SSL client.
  - getMode
```
SslDomain.Mode getMode()
```
  - setCredentials
```
void setCredentials(java.lang.String certificateFile,
                    java.lang.String privateKeyFile,
                    java.lang.String password)
```
    Set the certificate that identifies the local node to the remote. This certificate establishes the identity for the local node. It will be sent to the remote if the remote needs to verify the identity of this node. This may be used for both SSL servers and SSL clients (if client authentication is required by the server).
    
    Parameters:
    
    certificateFile - path to file/database containing the identifying certificate.
    
    privateKeyFile - path to file/database containing the private key used to sign the certificate
    
    password - the password used to sign the key, else null if key is not protected.
  - getPrivateKeyFile
```
java.lang.String getPrivateKeyFile()
```
  - getPrivateKeyPassword
```
java.lang.String getPrivateKeyPassword()
```
  - getCertificateFile
```
java.lang.String getCertificateFile()
```
  - setTrustedCaDb
```
void setTrustedCaDb(java.lang.String certificateDb)
```
    Configure the set of trusted CA certificates used by this node to verify peers. If the local SSL client/server needs to verify the identity of the remote, it must validate the signature of the remote's certificate. This function sets the database of trusted CAs that will be used to verify the signature of the remote's certificate.
    
    Parameters:
    
    certificateDb - database of trusted CAs, used to authenticate the peer.
  - getTrustedCaDb
```
java.lang.String getTrustedCaDb()
```
  - setPeerAuthentication
```
void setPeerAuthentication(SslDomain.VerifyMode mode)
```
    Configure the level of verification used on the peer certificate. This method controls how the peer's certificate is validated, if at all. By default, neither servers nor clients attempt to verify their peers (SslDomain.VerifyMode.ANONYMOUS_PEER). Once certificates and trusted CAs are configured, peer verification can be enabled. In order to verify a peer, a trusted CA must be configured. See setTrustedCaDb(String). NOTE: Servers must provide their own certificate when verifying a peer. See setCredentials(String, String, String)).
    
    Parameters:
    
    mode - the level of validation to apply to the peer
  - getPeerAuthentication
```
SslDomain.VerifyMode getPeerAuthentication()
```
  - allowUnsecuredClient
```
void allowUnsecuredClient(boolean allowUnsecured)
```
    Permit a server to accept connection requests from non-SSL clients. This configures the server to "sniff" the incoming client data stream, and dynamically determine whether SSL/TLS is being used. This option is disabled by default: only clients using SSL/TLS are accepted.
  - allowUnsecuredClient
```
boolean allowUnsecuredClient()
```
  - setSslContext
```
void setSslContext(javax.net.ssl.SSLContext sslContext)
```
    Sets an SSLContext for use when establishing SSL transport. Setting a context this way overrides alternate configuration that might otherwise have been used to create a context, such as key and trust store paths.
    
    Parameters:
    
    sslContext - the context to use
  - getSslContext
```
javax.net.ssl.SSLContext getSslContext()
```
    Returns the SSLContext set by setSslContext(SSLContext).
    
    Returns:
    
    the SSLContext, or null if none was set.

Interface SslDomain

Nested Class Summary

Method Summary

Method Detail

init

getMode

setCredentials

getPrivateKeyFile

getPrivateKeyPassword

getCertificateFile

setTrustedCaDb

getTrustedCaDb

setPeerAuthentication

getPeerAuthentication

allowUnsecuredClient

allowUnsecuredClient

setSslContext

getSslContext