SSL - dogtagpki/jss GitHub Wiki
To specify the SSL version range:
int min = ...; int max = ...; SSLProtocolVariant protoVariant = ...; SSLVersionRange range = new SSLVersionRange(min, max); SSLSocket.setSSLVersionRangeDefault(protoVariant, range);
To enable/disable a cipher:
int cipherID = ...; boolean state = ...; SSLSocket.setCipherPreferenceDefault(cipherID, state);
To enable/disable SSL 2 for all subsequently opened sockets:
boolean enable = ...; SSLSocket.enableSSL2Default(enable);
To enable/disable SSL 3 for all subsequently opened sockets:
boolean enable = ...; SSLSocket.enableSSL3Default(true);
To enable/disable TLS for all subsequently opened sockets:
boolean enable = ...; SSLSocket.enableTLSDefault(true);
public interface SSLCertificateApprovalCallback {
public boolean approve(X509Certificate cert, ValidityStatus status);
}
public interface SSLClientCertificateSelectionCallback {
public String select(Vector nicknames);
}
SSLCertificateApprovalCallback certApprovalCallback = ...;
SSLClientCertificateSelectionCallback clientCertSelectionCallback = ...;
Socket socket = new SSLSocket(
remoteAddr,
remotePort,
localAddr,
localPort,
certApprovalCallback,
clientCertSelectionCallback
);