|
Oracle Fusion Middleware Java API Reference for Oracle WebLogic Server 12c (12.1.3) Part Number E41849-02 |
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
public interface SSLMBean
This MBean represents the configuration of the SSL protocol.
Field Summary | |
---|---|
static String |
BUILTIN_SSL_VALIDATION_AND_CERT_PATH_VALIDATORS
Indicates that the built-in SSL certificate validation should be used to complete and validate the peer's certificate chain then the configured CertPathValidator security providers should be used to perform extra validation on the chain. |
static String |
BUILTIN_SSL_VALIDATION_ONLY
Indicates that only the built-in SSL certificate validation should be used to complete and validate the peer's certificate chain. |
static String |
IDENTITY_AND_TRUST_LOCATIONS_FILES_OR_KEYSTORE_PROVIDERS
|
static String |
IDENTITY_AND_TRUST_LOCATIONS_KEYSTORES
|
Fields inherited from interface weblogic.management.configuration.ConfigurationMBean |
---|
DEFAULT_EMPTY_BYTE_ARRAY |
Method Summary | |
---|---|
String[] |
getCiphersuites()
Indicates the cipher suites being used on a particular WebLogic Server. |
String |
getClientCertAlias()
Determines the alias of the client SSL certificate to be used as identity for outbound SSL connections. |
String |
getClientCertPrivateKeyPassPhrase()
The passphrase used to retrieve the private key for the client SSL certificate specified in
from the server configured keystore. |
byte[] |
getClientCertPrivateKeyPassPhraseEncrypted()
The encrypted passphrase used to retrieve the private key for the client SSL certificate specified in
from the server configured keystore. |
int |
getExportKeyLifespan()
Indicates the number of times WebLogic Server can use an exportable key between a domestic server and an exportable client before generating a new key. |
String |
getHostnameVerifier()
The name of the class that implements the weblogic.security.SSL.HostnameVerifier interface. |
String |
getIdentityAndTrustLocations()
Indicates where SSL should find the server's identity (certificate and private key) as well as the server's trust (trusted CAs). |
String |
getInboundCertificateValidation()
Indicates the client certificate validation rules for inbound SSL. |
int |
getListenPort()
The TCP/IP port at which this server listens for SSL connection requests. |
int |
getLoginTimeoutMillis()
Specifies the number of milliseconds that WebLogic Server waits for an SSL connection before timing out. |
String |
getOutboundCertificateValidation()
Indicates the server certificate validation rules for outbound SSL. |
String |
getOutboundPrivateKeyAlias()
The string alias used to store and retrieve the outbound private key in the keystore. |
String |
getOutboundPrivateKeyPassPhrase()
The passphrase used to retrieve the outbound private key from the keystore. |
int |
getPeerValidationEnforced()
Deprecated. 6.1.0.0 this is an unused attribute. |
String |
getServerCertificateChainFileName()
Deprecated. 7.0.0.0 server certificates (and chains) should be stored in keystores. |
String |
getServerCertificateFileName()
Deprecated. 8.1.0.0 server certificates (and chains) should be stored in keystores. |
String |
getServerKeyFileName()
Deprecated. 8.1.0.0 private keys should be stored in keystores. |
String |
getServerPrivateKeyAlias()
The string alias used to store and retrieve the server's private key in the keystore. |
String |
getServerPrivateKeyPassPhrase()
The passphrase used to retrieve the server's private key from the keystore. |
byte[] |
getServerPrivateKeyPassPhraseEncrypted()
The encrypted passphrase used to retrieve the server's private key from the keystore. |
String |
getTrustedCAFileName()
Deprecated. 8.1.0.0 trusted CAs should be stored in keystores. |
boolean |
isAcceptKSSDemoCertsEnabled()
|
boolean |
isAllowUnencryptedNullCipher()
Test if the AllowUnEncryptedNullCipher is enabled |
boolean |
isClientCertificateEnforced()
Indicates whether or not clients must present digital certificates from a trusted certificate authority to WebLogic Server. |
boolean |
isEnabled()
Indicates whether the server can be reached through the default SSL listen port. |
boolean |
isHostnameVerificationIgnored()
Specifies whether to ignore the installed implementation of the weblogic.security.SSL.HostnameVerifier interface (when
this server is acting as a client to another application
server). |
boolean |
isJSSEEnabled()
Determines whether the SSL implementation in Weblogic Server is JSSE based. |
boolean |
isSSLRejectionLoggingEnabled()
Indicates whether warning messages are logged in the server log when SSL connections are rejected. |
boolean |
isTwoWaySSLEnabled()
The form of SSL that should be used. |
boolean |
isUseClientCertForOutbound()
Determines whether to use the configured client SSL certificate as identity for outbound SSL connections. |
boolean |
isUseServerCerts()
Sets whether the client should use the server certificates/key as the client identity when initiating an outbound connection over https. |
void |
setAcceptKSSDemoCertsEnabled(boolean acceptKSSDemoCertsEnabled)
Sets whether the default Hostname Verifier accept KSS Demo SSL Certificates |
void |
setAllowUnencryptedNullCipher(boolean enable)
When a SSL server and a SSL client try to negotiate a commonly supported Cipher, there is a chance that they may end up with nothing in common. |
void |
setCertAuthenticator(String classname)
Sets the value of the CertAuthenticator attribute. |
void |
setCiphersuites(String[] ciphers)
Sets the value of the Ciphersuites attribute. |
void |
setClientCertAlias(String alias)
Specifies the alias of the client SSL certificate to be used as identity for outbound SSL connections. |
void |
setClientCertificateEnforced(boolean enforce)
Sets the value of the ClientCertificateEnforced attribute. |
void |
setClientCertPrivateKeyPassPhrase(String phrase)
Specifies the passphrase used to retrieve the private key for the client SSL certificate specified in
from the server configured keystore. |
void |
setClientCertPrivateKeyPassPhraseEncrypted(byte[] phraseEncrypted)
Specifies the encrypted passphrase used to retrieve the private key for the client SSL certificate specified in
from the server configured keystore. |
void |
setEnabled(boolean enable)
|
void |
setExportKeyLifespan(int lifespan)
Sets the value of the ExportKeyLifespan attribute. |
void |
setHostnameVerificationIgnored(boolean ignoreFlag)
Sets the value of the HostnameVerificationIgnored attribute. |
void |
setHostnameVerifier(String classname)
Sets the value of the HostnameVerifier attribute. |
void |
setIdentityAndTrustLocations(String locations)
Sets the value of the IdentityAndTrustLocations attribute. |
void |
setInboundCertificateValidation(String validationStyle)
Sets the value of the InboundCertificateValidation attribute. |
void |
setJSSEEnabled(boolean enabled)
Specifies whether the SSL implementation in Weblogic Server is JSSE based. |
void |
setListenPort(int port)
Set the value of the ListenPort attribute. |
void |
setLoginTimeoutMillis(int millis)
Sets the value of the LoginTimeoutMillis attribute. |
void |
setOutboundCertificateValidation(String validationStyle)
Sets the value of the OutboundCertificateValidation attribute. |
void |
setPeerValidationEnforced(int checkLevel)
Sets the value of the PeerValidationEnforced attribute. |
void |
setServerCertificateChainFileName(String fileName)
Deprecated. 7.0.0.0 Server certificates (and chains) should be stored in keystores. |
void |
setServerCertificateFileName(String fileName)
Deprecated. 8.1.0.0 server certificates (and chains) should be stored in keystores. |
void |
setServerKeyFileName(String fileName)
Deprecated. 8.1.0.0 private keys should be stored in keystores. |
void |
setServerPrivateKeyAlias(String alias)
Sets the value of the ServerPrivateKeyAlias attribute. |
void |
setServerPrivateKeyPassPhrase(String phrase)
Sets the value of the ServerPrivateKeyPassPhrase attribute. |
void |
setServerPrivateKeyPassPhraseEncrypted(byte[] phraseEncrypted)
Sets the value of the ServerPrivateKeyPassPhrase attribute. |
void |
setSSLRejectionLoggingEnabled(boolean enabled)
Sets the value of the SSLRejectionLoggingEnabled attribute. |
void |
setTrustedCAFileName(String fileName)
Deprecated. 8.1.0.0 trusted CAs should be stored in keystores. |
void |
setTwoWaySSLEnabled(boolean enabled)
Sets the value of the TwoWaySSLEnabled attribute. |
void |
setUseClientCertForOutbound(boolean enabled)
Specifies whether to use the configured client SSL certificate as identity for outbound SSL connections. |
void |
setUseServerCerts(boolean enabled)
Indicates that an https client running within WebLogic server should use the server's certificate and key as the client identity. |
Methods inherited from interface weblogic.management.configuration.ConfigurationMBean |
---|
freezeCurrentValue, getId, getInheritedProperties, getName, getNotes, isDynamicallyCreated, isInherited, isSet, restoreDefaultValue, setComments, setDefaultedMBean, setName, setNotes, setPersistenceEnabled, unSet |
Methods inherited from interface weblogic.management.WebLogicMBean |
---|
getMBeanInfo, getObjectName, getParent, getType, isCachingDisabled, isRegistered, setParent |
Methods inherited from interface javax.management.DynamicMBean |
---|
getAttribute, getAttributes, invoke, setAttribute, setAttributes |
Methods inherited from interface javax.management.MBeanRegistration |
---|
postDeregister, postRegister, preDeregister, preRegister |
Methods inherited from interface javax.management.NotificationBroadcaster |
---|
addNotificationListener, getNotificationInfo, removeNotificationListener |
Methods inherited from interface weblogic.descriptor.DescriptorBean |
---|
addPropertyChangeListener, createChildCopyIncludingObsolete, getParentBean, isEditable, removePropertyChangeListener |
Field Detail |
---|
static final String IDENTITY_AND_TRUST_LOCATIONS_KEYSTORES
static final String IDENTITY_AND_TRUST_LOCATIONS_FILES_OR_KEYSTORE_PROVIDERS
static final String BUILTIN_SSL_VALIDATION_ONLY
static final String BUILTIN_SSL_VALIDATION_AND_CERT_PATH_VALIDATORS
Method Detail |
---|
boolean isEnabled()
Indicates whether the server can be reached through the default SSL listen port.
If the administration port is enabled for the WebLogic Server domain, then administrative traffic travels over the administration port and application traffic travels over the Listen Port and SSL Listen Port. If the administration port is disabled, then all traffic travels over the Listen Port and SSL Listen Port.
void setEnabled(boolean enable) throws InvalidAttributeValueException
enable
- The new enabled value
InvalidAttributeValueException
SSLMBean.isEnabled()
String[] getCiphersuites()
Indicates the cipher suites being used on a particular WebLogic Server.
The strongest negotiated cipher suite is chosen during the SSL handshake. The set of cipher suites used by default by JSEE depends on the specific JDK version with which WebLogic Server is configured.
For a list of possible values, see Cipher Suites.
void setCiphersuites(String[] ciphers) throws InvalidAttributeValueException
Sets the value of the Ciphersuites attribute.
ciphers
- The new ciphersuites value
InvalidAttributeValueException
- if the array is null or contains null elements.SSLMBean.getCiphersuites()
void setCertAuthenticator(String classname) throws InvalidAttributeValueException
Sets the value of the CertAuthenticator attribute.
classname
- The new certAuthenticator value
InvalidAttributeValueException
SSLMBean.getCertAuthenticator()
String getHostnameVerifier()
The name of the class that implements the
weblogic.security.SSL.HostnameVerifier
interface.
This class verifies whether the connection to the host with the
hostname from URL should be allowed. The class is used to prevent
man-in-the-middle attacks. The
weblogic.security.SSL.HostnameVerifier
has a
verify()
method that WebLogic Server calls on the client
during the SSL handshake.
void setHostnameVerifier(String classname) throws InvalidAttributeValueException
Sets the value of the HostnameVerifier attribute.
classname
- The new hostnameVerifier value
InvalidAttributeValueException
SSLMBean.getHostnameVerifier()
boolean isHostnameVerificationIgnored()
Specifies whether to ignore the installed implementation of the
weblogic.security.SSL.HostnameVerifier
interface (when
this server is acting as a client to another application
server).
void setHostnameVerificationIgnored(boolean ignoreFlag) throws InvalidAttributeValueException
Sets the value of the HostnameVerificationIgnored attribute.
ignoreFlag
- The new hostnameVerificationIgnored value
InvalidAttributeValueException
SSLMBean.isHostnameVerificationIgnored()
String getTrustedCAFileName()
The full directory location of the file that specifies the certificate authorities trusted by the server.
The pathname should either be absolute or relative to the directory from which the server is booted. This field provides backward compatibility for security configurations that store trusted certificate authorities in files.
The file specified in this attribute can contain a single
digital certificate or multiple digital certificates. The file
extension ( .der
or .pem
) tells WebLogic Server
how to read the contents of the file.
void setTrustedCAFileName(String fileName) throws InvalidAttributeValueException
Sets the value of the TrustedCAFileName attribute.
fileName
- The new trustedCAFileName value
InvalidAttributeValueException
SSLMBean.getTrustedCAFileName()
int getPeerValidationEnforced()
void setPeerValidationEnforced(int checkLevel) throws InvalidAttributeValueException
Sets the value of the PeerValidationEnforced attribute.
checkLevel
- The new peerValidationEnforced value
InvalidAttributeValueException
SSLMBean.getPeerValidationEnforced()
boolean isAcceptKSSDemoCertsEnabled()
void setAcceptKSSDemoCertsEnabled(boolean acceptKSSDemoCertsEnabled)
Sets whether the default Hostname Verifier accept KSS Demo SSL Certificates
acceptKSSDemoCertsEnabled
- whether to accept KSS Demo SSL certificatesint getExportKeyLifespan()
Indicates the number of times WebLogic Server can use an exportable key between a domestic server and an exportable client before generating a new key. The more secure you want WebLogic Server to be, the fewer times the key should be used before generating a new key.
void setExportKeyLifespan(int lifespan) throws InvalidAttributeValueException
Sets the value of the ExportKeyLifespan attribute.
lifespan
- The new exportKeyLifespan value
InvalidAttributeValueException
SSLMBean.getExportKeyLifespan()
boolean isClientCertificateEnforced()
Indicates whether or not clients must present digital certificates from a trusted certificate authority to WebLogic Server.
void setClientCertificateEnforced(boolean enforce)
Sets the value of the ClientCertificateEnforced attribute.
enforce
- The new clientCertificateEnforced valueSSLMBean.isClientCertificateEnforced()
String getServerCertificateFileName()
The full directory location of the digital certificate file
(.der
or .pem
) for the server.
The pathname should either be absolute or relative to the directory from which the server is booted. This field provides backward compatibility for security configurations that stored digital certificates in files.
The file extension ( .der
or .pem
) tells
WebLogic Server how to read the contents of the file.
void setServerCertificateFileName(String fileName)
Sets the value of the ServerCertificateFileName attribute.
fileName
- The new serverCertificateFileName valueSSLMBean.getServerCertificateFileName()
int getListenPort()
The TCP/IP port at which this server listens for SSL connection requests.
SSLMBean.isEnabled()
,
ServerTemplateMBean.getListenPort()
,
ServerTemplateMBean.getAdministrationPort()
,
NetworkAccessPointMBean.getListenPort()
void setListenPort(int port)
Set the value of the ListenPort attribute.
port
- The new listenPort valueSSLMBean.getListenPort()
String getServerCertificateChainFileName()
The full directory location and name of the file containing an ordered list of certificate authorities trusted by WebLogic Server.
The .pem
file extension indicates that method that
should be used to read the file. Note that as of WebLogic Server
version 7.0, the digital certificate for WebLogic Server should not
be stored in a file.
void setServerCertificateChainFileName(String fileName)
Sets the value of the ServerCertificateChainFileName attribute.
fileName
- The new serverCertificateChainFileName valueSSLMBean.getServerCertificateChainFileName()
int getLoginTimeoutMillis()
Specifies the number of milliseconds that WebLogic Server waits for an SSL connection before timing out. SSL connections take longer to negotiate than regular connections.
If clients are connecting over the Internet, raise the default number to accommodate additional network latency.
ServerTemplateMBean.getLoginTimeoutMillis()
,
NetworkChannelMBean.getLoginTimeoutMillisSSL()
void setLoginTimeoutMillis(int millis)
Sets the value of the LoginTimeoutMillis attribute.
millis
- The new loginTimeoutMillis valueSSLMBean.getLoginTimeoutMillis()
String getServerKeyFileName()
The full directory location of the private key file
(.der
or .pem
) for the server.
The pathname should either be absolute or relative to the directory from which the server is booted. This field provides backward compatibility for security configurations that store private keys in files. For a more secure deployment, Oracle recommends saving private keys in keystores.
The file extension (.der
or .pem
) indicates
the method that should be used to read the file.
void setServerKeyFileName(String fileName)
Sets the value of the ServerKeyFileName attribute.
fileName
- The new serverKeyFileName valueSSLMBean.getServerKeyFileName()
boolean isTwoWaySSLEnabled()
The form of SSL that should be used.
By default, WebLogic Server is configured to use one-way SSL
(implied by the Client Certs Not Requested
value).
Selecting Client Certs Requested But Not Enforced
enables
two-way SSL. With this option, the server requests a certificate
from the client, but the connection continues if the client does
not present a certificate. Selecting Client Certs Requested And
Enforced
also enables two-way SSL and requires a client to
present a certificate. However, if a certificate is not presented,
the SSL connection is terminated.
void setTwoWaySSLEnabled(boolean enabled)
Sets the value of the TwoWaySSLEnabled attribute.
enabled
- The new twoWaySSLEnabled valueSSLMBean.isTwoWaySSLEnabled()
String getServerPrivateKeyAlias()
The string alias used to store and retrieve the server's private key in the keystore. This private key is associated with the server's digital certificate.
void setServerPrivateKeyAlias(String alias)
Sets the value of the ServerPrivateKeyAlias attribute.
alias
- The new serverPrivateKeyAlias valueSSLMBean.getServerPrivateKeyAlias()
String getServerPrivateKeyPassPhrase()
The passphrase used to retrieve the server's private key from the keystore. This passphrase is assigned to the private key when it is generated.
void setServerPrivateKeyPassPhrase(String phrase)
Sets the value of the ServerPrivateKeyPassPhrase attribute.
As of 8.1 sp4, when you get the value of this attribute, WebLogic Server does the following:
ServerPrivateKeyPassPhraseEncrypted
attribute.
When you set the value of this attribute, WebLogic Server does the following:
ServerPrivateKeyPassPhraseEncrypted
attribute to the
encrypted value.Using this attribute (ServerPrivateKeyPassPhrase
) is a potential
security risk because
the String object (which contains the unencrypted passphrase) remains in
the JVM's memory until garbage collection removes it and the memory is reallocated. Depending on how
memory is allocated in the JVM, a significant amount of time could pass
before this unencrypted data is removed from memory.
Instead of using this attribute, use
getServerPrivateKeyPassPhraseEncrypted
.
phrase
- The new serverPrivateKeyPassPhrase valueSSLMBean.getServerPrivateKeyPassPhrase()
,
SSLMBean.setServerPrivateKeyPassPhraseEncrypted(byte[])
byte[] getServerPrivateKeyPassPhraseEncrypted()
The encrypted passphrase used to retrieve the server's private key from the keystore. This passphrase is assigned to the private key when it is generated.
To set this attribute, use weblogic.management.EncryptionHelper.encrypt()
to encrypt the value. Then set this attribute to the output of the encrypt() method.
To compare a password that a user enters with the encrypted
value of this attribute, go to the same WebLogic Server instance
that you used to set and encrypt this attribute
and use weblogic.management.EncryptionHelper.encrypt()
to encrypt the user-supplied password. Then compare the encrypted values.
void setServerPrivateKeyPassPhraseEncrypted(byte[] phraseEncrypted)
Sets the value of the ServerPrivateKeyPassPhrase attribute.
phraseEncrypted
- The new encrypted serverPrivateKeyPassPhrase valueSSLMBean.getServerPrivateKeyPassPhraseEncrypted()
boolean isSSLRejectionLoggingEnabled()
Indicates whether warning messages are logged in the server log when SSL connections are rejected.
void setSSLRejectionLoggingEnabled(boolean enabled)
Sets the value of the SSLRejectionLoggingEnabled attribute.
enabled
- The new sSLRejectionLoggingEnabled valueSSLMBean.isSSLRejectionLoggingEnabled()
String getIdentityAndTrustLocations()
Indicates where SSL should find the server's identity (certificate and private key) as well as the server's trust (trusted CAs).
If set to KEYSTORES
, then SSL retrieves the
identity and trust from the server's keystores (that are configured
on the Server).
If set to FILES_OR_KEYSTORE_PROVIDERS
, then SSL
first looks in the deprecated KeyStore providers for the identity
and trust. If not found, then it looks in the flat files indicated
by the SSL Trusted CA File Name, Server Certificate File Name, and
Server Key File Name attributes.
Domains created in WebLogic Server version 8.1 or later, default
to KEYSTORES
. Domains created before WebLogic Server
version 8.1, default to
FILES_OR_KEYSTORE_PROVIDERS.
void setIdentityAndTrustLocations(String locations)
Sets the value of the IdentityAndTrustLocations attribute.
locations
- The new identityAndTrustLocations valueSSLMBean.getIdentityAndTrustLocations()
String getInboundCertificateValidation()
Indicates the client certificate validation rules for inbound SSL.
This attribute only applies to ports and network channels using 2-way SSL.
void setInboundCertificateValidation(String validationStyle)
Sets the value of the InboundCertificateValidation attribute.
validationStyle
- the new validation styleSSLMBean.getInboundCertificateValidation()
String getOutboundCertificateValidation()
Indicates the server certificate validation rules for outbound SSL.
This attribute always applies to outbound SSL that is part of
WebLogic Server (that is, an Administration Server talking to the
Node Manager). It does not apply to application code in the server
that is using outbound SSL unless the application code uses a
weblogic.security.SSL.ServerTrustManager
that is
configured to use outbound SSL validation.
void setOutboundCertificateValidation(String validationStyle)
Sets the value of the OutboundCertificateValidation attribute.
validationStyle
- the new validation styleSSLMBean.getOutboundCertificateValidation()
void setAllowUnencryptedNullCipher(boolean enable)
When a SSL server and a SSL client try to negotiate a commonly supported Cipher, there is a chance that they may end up with nothing in common. A NullCipher is a cipher providing no encryption for the SSL message between the client and server, and it may temporarily be used in the development environment if the SSL server and client share no common cipher for some reason. This is not a standard SSL feature, some SSL provider supports this feature
The AllowUnEncryptedNullCipher flag is used to control whether the NullCipher feature is enabled or not, if true, the SSL message may be unencrypted when SSL server and client shares no common cipher.
This AllowUnEncryptedNullCipher flag is only effective to SSL providers which support the NullCipher feature.
Warning: this NullCipher feature should NOT be enabled for a production environment, it may leads to unencrypted SSL message
By default, the AllowUnEncryptedNullCipher is false
enable
- true to allow NullCipher featureboolean isAllowUnencryptedNullCipher()
Test if the AllowUnEncryptedNullCipher is enabled
see
setAllowUnencryptedNullCipher(boolean enable)
for the NullCipher feature.
boolean isUseServerCerts()
void setUseServerCerts(boolean enabled)
enabled
- Uses the server identity for the client
void setJSSEEnabled(boolean enabled)
enabled
- true
to select the JSSE-based SSL implementationboolean isJSSEEnabled()
true
if the selected Weblogic Server SSL implementation
is JSSE based, otherwise false
.void setUseClientCertForOutbound(boolean enabled)
SSLMBean.setClientCertAlias(java.lang.String)
.
enabled
- true
to enable use of the configured client SSL
certificate for outbound connections, otherwise false
.SSLMBean.isUseClientCertForOutbound()
,
SSLMBean.setClientCertAlias(java.lang.String)
boolean isUseClientCertForOutbound()
SSLMBean.setClientCertAlias(java.lang.String)
.
true
if use of the configured client SSL
certificate for outbound SSL connections is enabled.SSLMBean.setUseClientCertForOutbound(boolean)
,
SSLMBean.getClientCertAlias()
void setClientCertAlias(String alias)
SSLMBean.setUseClientCertForOutbound(boolean)
must be enabled.
alias
- Alias of the client SSL certificate in the server configured keystoreSSLMBean.getClientCertAlias()
,
SSLMBean.setUseClientCertForOutbound(boolean)
String getClientCertAlias()
SSLMBean.setUseClientCertForOutbound(boolean)
must be enabled.
SSLMBean.setClientCertAlias(java.lang.String)
,
SSLMBean.isUseClientCertForOutbound()
String getClientCertPrivateKeyPassPhrase()
SSLMBean.getClientCertAlias()
from the server configured keystore. This passphrase is assigned to the
private key when the private key is generated.
Note that this attribute is usually used when outbound SSL connections
specify a client SSL certificate identity.
Note that when you get the value of this attribute,
WebLogic Server does the following:
ClientCertPrivateKeyPassPhraseEncrypted
attribute.
SSLMBean.setClientCertPrivateKeyPassPhrase(java.lang.String)
,
SSLMBean.isUseClientCertForOutbound()
,
SSLMBean.getClientCertAlias()
void setClientCertPrivateKeyPassPhrase(String phrase)
SSLMBean.getClientCertAlias()
from the server configured keystore. This passphrase is assigned to the
private key when the private key is generated.
Note that this attribute is usually used when outbound SSL connections
specify a client SSL certificate identity.
Note that when you set the value of this attribute,
WebLogic Server does the following:
ClientCertPrivateKeyPassPhraseEncrypted
attribute to the
encrypted value.
phrase
- The client SSL certificate private key pass phrase.SSLMBean.getClientCertPrivateKeyPassPhrase()
,
SSLMBean.setUseClientCertForOutbound(boolean)
,
SSLMBean.setClientCertAlias(java.lang.String)
byte[] getClientCertPrivateKeyPassPhraseEncrypted()
SSLMBean.getClientCertAlias()
from the server configured keystore. This passphrase is assigned to the
private key when the private key is generated.
To compare a password that a user enters with the encrypted
value of this attribute, go to the same WebLogic Server instance
that you used to set and encrypt this attribute,
and use weblogic.management.EncryptionHelper.encrypt()
to encrypt the user-supplied password. Then compare the encrypted values.
Note that this attribute is usually used when outbound SSL connections specify
a client SSL certificate identity.
SSLMBean.setClientCertPrivateKeyPassPhraseEncrypted(byte[])
,
SSLMBean.isUseClientCertForOutbound()
,
SSLMBean.getClientCertAlias()
,
SSLMBean.getClientCertPrivateKeyPassPhrase()
void setClientCertPrivateKeyPassPhraseEncrypted(byte[] phraseEncrypted)
SSLMBean.getClientCertAlias()
from the server configured keystore. This passphrase is assigned to the
private key when the private key is generated.
Note that to set this attribute,
use weblogic.management.EncryptionHelper.encrypt()
to encrypt the value. Then set this attribute to the output of the encrypt() method.
Note that this attribute is usually used when outbound SSL connections specify
a client SSL certificate identity.
phraseEncrypted
- The encrypted ClientCertPrivateKeyPassPhrase valueSSLMBean.getClientCertPrivateKeyPassPhraseEncrypted()
,
SSLMBean.setUseClientCertForOutbound(boolean)
,
SSLMBean.setClientCertAlias(java.lang.String)
,
SSLMBean.setClientCertPrivateKeyPassPhrase(java.lang.String)
String getOutboundPrivateKeyAlias()
The string alias used to store and retrieve the outbound private key in the keystore. This private key is associated with either a server or a client digital certificate. This attribute value is derived from other settings and cannot be physically set.
The returned value is determined as follows:
SSLMBean.isUseClientCertForOutbound()
returns true,
the value from SSLMBean.getClientCertAlias()
is returned.
SSLMBean.getServerPrivateKeyAlias()
is returned.
SSLMBean.isUseClientCertForOutbound()
,
SSLMBean.getClientCertAlias()
,
SSLMBean.getServerPrivateKeyAlias()
String getOutboundPrivateKeyPassPhrase()
The passphrase used to retrieve the outbound private key from the keystore. This passphrase is assigned to the private key when it is generated. This attribute value is derived from other settings and cannot be physically set.
The returned value is determined as follows:
SSLMBean.isUseClientCertForOutbound()
returns true,
the value from SSLMBean.getClientCertPrivateKeyPassPhrase()
is returned.
SSLMBean.getServerPrivateKeyPassPhrase()
is returned.
SSLMBean.isUseClientCertForOutbound()
,
SSLMBean.getClientCertPrivateKeyPassPhrase()
,
SSLMBean.getServerPrivateKeyPassPhrase()
|
Copyright 1996, 2014, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Oracle Fusion Middleware Java API Reference for Oracle WebLogic Server 12c (12.1.3) Part Number E41849-02 |
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |