SSL - dogtagpki/jss GitHub Wiki
To specify the SSL version range:
int min = ...; int max = ...; SSLProtocolVariant protoVariant = ...; SSLVersionRange range = new SSLVersionRange(min, max); SSLSocket.setSSLVersionRangeDefault(protoVariant, range);
To enable/disable a cipher:
int cipherID = ...; boolean state = ...; SSLSocket.setCipherPreferenceDefault(cipherID, state);
To enable/disable SSL 2 for all subsequently opened sockets:
boolean enable = ...; SSLSocket.enableSSL2Default(enable);
To enable/disable SSL 3 for all subsequently opened sockets:
boolean enable = ...; SSLSocket.enableSSL3Default(true);
To enable/disable TLS for all subsequently opened sockets:
boolean enable = ...; SSLSocket.enableTLSDefault(true);
public interface SSLCertificateApprovalCallback { public boolean approve(X509Certificate cert, ValidityStatus status); } public interface SSLClientCertificateSelectionCallback { public String select(Vector nicknames); }
SSLCertificateApprovalCallback certApprovalCallback = ...; SSLClientCertificateSelectionCallback clientCertSelectionCallback = ...; Socket socket = new SSLSocket( remoteAddr, remotePort, localAddr, localPort, certApprovalCallback, clientCertSelectionCallback );