WebLogic Server 8.1 API Reference: Interface SSLMBean

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

BEA Systems, Inc.

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: INNER | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

WebLogic Server 8.1 API Reference

weblogic.management.configuration
Interface SSLMBean

public interface SSLMBean
extends ConfigurationMBean

This MBean represents the configuration of the SSL protocol for version 6.x and version 7.0 WebLogic Server deployments.

Author:: Copyright © 2004 BEA Systems, Inc. All Rights Reserved.

Field Summary
`static long`	`CACHING_STUB_SVUID`
`static java.lang.String`	`IDENTITY_AND_TRUST_LOCATIONS_FILES_OR_KEYSTORE_PROVIDERS`
`static java.lang.String`	`IDENTITY_AND_TRUST_LOCATIONS_KEYSTORES`

Fields inherited from class weblogic.management.configuration.ConfigurationMBean

CACHING_STUB_SVUID,  
DEFAULT_EMPTY_BYTE_ARRAY

Method Summary
`java.lang.String`	`getCertAuthenticator()` The name of the Java class that implements the `weblogic.security.acl.CertAuthenticator` class.
`int`	`getCertificateCacheSize()` The number of certificates held that have not been redeemed by tokens.
`java.lang.String[]`	`getCiphersuites()` Specifies the cipher suites being used on a particular WebLogic Server.
`int`	`getExportKeyLifespan()` Specifies the number of times WebLogic Server can use an exportable key between a domestic server and an exportable client before generating a new key.
`java.lang.String`	`getHostnameVerifier()` The name of the class that implements the `weblogic.security.SSL.HostnameVerifier` class.
`java.lang.String`	`getIdentityAndTrustLocations()` Indicates where SSL should find the server's identity (certificate and private key) as well as the server's trust (trusted CAs).
`int`	`getListenPort()` The TCP/IP port at which the WebLogic Server listens for SSL connection requests.
`int`	`getLoginTimeoutMillis()` Specifies the number of milliseconds that WebLogic Server waits for an SSL connection before timing out.
`int`	`getPeerValidationEnforced()` Deprecated. As of WLS 6.1, this is an unused attribute
`java.lang.String`	`getServerCertificateChainFileName()` Deprecated. Deprecated in WebLogic Server version 7.0.
`java.lang.String`	`getServerCertificateFileName()` Deprecated. as of 8.1, server certificates (and chains) should be stored in keystores.
`java.lang.String`	`getServerKeyFileName()` Deprecated. as of 8.1, private keys should be stored in keystores.
`java.lang.String`	`getServerPrivateKeyAlias()` The string alias used to store and retrieve the server's private key in the keystore.
`java.lang.String`	`getServerPrivateKeyPassPhrase()` The passphrase used to retrieve the server's private key from the keystore.
`byte[]`	`getServerPrivateKeyPassPhraseEncrypted()` The encrypted passphrase used to retrieve the server's private key from the keystore.
`java.lang.String`	`getTrustedCAFileName()` Deprecated. as of 8.1, trusted CAs should be stored in keystores.
`boolean`	`isClientCertificateEnforced()` Defines whether or not clients must present digital certificates from a trusted certificate authority to WebLogic Server.
`boolean`	`isEnabled()` Indicates whether the SSL port in the SSLMBean is enabled.
`boolean`	`isHandlerEnabled()` Not used.
`boolean`	`isHostnameVerificationIgnored()` Indicates whether the installed implementation of the `weblogic.security.SSL.HostnameVerifier` class is enabled.
`boolean`	`isKeyEncrypted()` This attribute is no longer used as of WLS 7.0.
`boolean`	`isSSLRejectionLoggingEnabled()` This setting controls whether logging is done when a connection over SSL is rejected.
`boolean`	`isTwoWaySSLEnabled()` Is two way SSL enabled?
`boolean`	`isUseJava()` Enables the use of native Java libraries.
`void`	`setCertAuthenticator(java.lang.String classname)` Sets the certAuthenticator attribute of the SSLMBean object
`void`	`setCertificateCacheSize(int size)` Set the number of certificates held that have not been redeemed by tokens.
`void`	`setCiphersuites(java.lang.String[] ciphers)` Sets the ciphersuites attribute of the SSLMBean object
`void`	`setClientCertificateEnforced(boolean enforce)` Defines whether or not clients must present digital certificates from a trusted certificate authority to WebLogic Server.
`void`	`setEnabled(boolean enable)`
`void`	`setExportKeyLifespan(int lifespan)` Set the lifespan of the SSL server encryption key.
`void`	`setHandlerEnabled(boolean enable)` Not used.
`void`	`setHostnameVerificationIgnored(boolean ignoreFlag)` Sets the hostnameVerificationIgnored attribute of the SSLMBean object
`void`	`setHostnameVerifier(java.lang.String classname)` Sets the hostnameVerifier attribute of the SSLMBean object
`void`	`setIdentityAndTrustLocations(java.lang.String locations)` Sets the identityAndTrustLocations attribute of the SSLMBean object
`void`	`setKeyEncrypted(boolean keyIsEncrypted)` This attribute is no longer used as of WLS 7.0.
`void`	`setListenPort(int port)` Set the TCP/IP port at which the WebLogic Server listens for SSL connection requests.
`void`	`setLoginTimeoutMillis(int millis)` Sets the number of milliseconds that WebLogic Server waits for an SSL connection before timing out.
`void`	`setMDAcceleration(java.lang.String accel)` Sets the mDAcceleration attribute of the SSLMBean object
`void`	`setPeerValidationEnforced(int checkLevel)` Sets the peerValidationEnforced attribute of the SSLMBean object
`void`	`setRC4Acceleration(java.lang.String accel)` Sets the rC4Acceleration attribute of the SSLMBean object
`void`	`setRSAAcceleration(java.lang.String accel)` Sets the rSAAcceleration attribute of the SSLMBean object
`void`	`setServerCertificateChainFileName(java.lang.String fileName)` This attribute is no longer used as of WLS 7.0.
`void`	`setServerCertificateFileName(java.lang.String fileName)` Deprecated. as of 8.1, server certificates (and chains) should be stored in keystores.
`void`	`setServerKeyFileName(java.lang.String fileName)` Deprecated. as of 8.1, private keys should be stored in keystores.
`void`	`setServerPrivateKeyAlias(java.lang.String alias)` Sets the serverPrivateKeyAlias attribute of the SSLMBean object
`void`	`setServerPrivateKeyPassPhrase(java.lang.String phrase)` As of 8.1 sp4, this method does the following:
`void`	`setServerPrivateKeyPassPhraseEncrypted(byte[] bytes)` Encrypts and sets the value of the ServerPrivateKeyPassPhraseEncrypted attribute.
`void`	`setSSLRejectionLoggingEnabled(boolean enabled)` Sets the sSLRejectionLoggingEnabled attribute of the SSLMBean object
`void`	`setTrustedCAFileName(java.lang.String fileName)` Deprecated. as of 8.1, trusted CAs should be stored in keystores.
`void`	`setTwoWaySSLEnabled(boolean enabled)` Sets the twoWaySSLEnabled attribute of the SSLMBean object
`void`	`setUseJava(boolean usejava)` Sets the useJava attribute of the SSLMBean object

Methods inherited from interface weblogic.management.configuration.ConfigurationMBean

freezeCurrentValue, 
getNotes, 
restoreDefaultValue, 
setComments, 
setDefaultedMBean, 
setNotes, 
setPersistenceEnabled

Methods inherited from interface weblogic.management.WebLogicMBean

getMBeanInfo, 
getName, 
getObjectName, 
getParent, 
getType, 
isCachingDisabled, 
isRegistered, 
setName, 
setParent

Methods inherited from interface javax.management.DynamicMBean

getAttribute, 
getAttributes, 
invoke, 
setAttribute, 
setAttributes

Methods inherited from interface javax.management.MBeanRegistration

postDeregister, 
postRegister, 
preRegister

Methods inherited from interface javax.management.NotificationBroadcaster

addNotificationListener, 
getNotificationInfo, 
removeNotificationListener

Field Detail

IDENTITY_AND_TRUST_LOCATIONS_KEYSTORES

public static final java.lang.String IDENTITY_AND_TRUST_LOCATIONS_KEYSTORES

IDENTITY_AND_TRUST_LOCATIONS_FILES_OR_KEYSTORE_PROVIDERS

public static final java.lang.String IDENTITY_AND_TRUST_LOCATIONS_FILES_OR_KEYSTORE_PROVIDERS

CACHING_STUB_SVUID

public static final long CACHING_STUB_SVUID

Method Detail

isUseJava

public boolean isUseJava()

Enables the use of native Java libraries. WebLogic Server provides a pure-Java implementation of the SSL protocol. Native libraries enhance the performance for SSL operations on the Solaris, Windows NT, and IBM AIX platforms.

A configurable MBean attribute
Default Value: true
Old Property: weblogic.system.SSL.useJava
Returns:: The useJava value

setUseJava

public void setUseJava(boolean usejava)

Sets the useJava attribute of the SSLMBean object

Parameters:: usejava - The new useJava value

setMDAcceleration

public void setMDAcceleration(java.lang.String accel)
                       throws javax.management.InvalidAttributeValueException

Sets the mDAcceleration attribute of the SSLMBean object

Parameters:: accel - The new mDAcceleration value
Throws:: javax.management.InvalidAttributeValueException -

setRC4Acceleration

public void setRC4Acceleration(java.lang.String accel)
                        throws javax.management.InvalidAttributeValueException

Sets the rC4Acceleration attribute of the SSLMBean object

Parameters:: accel - The new rC4Acceleration value
Throws:: javax.management.InvalidAttributeValueException -

setRSAAcceleration

public void setRSAAcceleration(java.lang.String accel)
                        throws javax.management.InvalidAttributeValueException

Sets the rSAAcceleration attribute of the SSLMBean object

Parameters:: accel - The new rSAAcceleration value
Throws:: javax.management.InvalidAttributeValueException -

isEnabled

public boolean isEnabled()

Indicates whether the SSL port in the SSLMBean is enabled. If this is disabled then the plain-text (non-SSL) listen for this server must be enabled. Additional ports can be configured using

Default Value: false
Old Property: weblogic.security.ssl.enable
Returns:: The enabled value

setEnabled

public void setEnabled(boolean enable)
                throws javax.management.InvalidAttributeValueException

Legal Value: !(value == false && ServerLegalHelper.isListenPortEnabled(self) == false)
Secure Value: true
Parameters:: enable - The new enabled value
Throws:: javax.management.InvalidAttributeValueException -

getCiphersuites

public java.lang.String[] getCiphersuites()

Specifies the cipher suites being used on a particular WebLogic Server.

The possible values are:

TLS_NULL_WITH_NULL_NULL
TLS_RSA_WITH_NULL_SHA
TLS_RSA_EXPORT_WITH_RC4_40_MD5
TLS_RSA_WITH_RC4_128_MD5
TLS_RSA_WITH_RC4_128_SHA
TLS_RSA_EXPORT_WITH_DES_40_CBC_SHA
TLS_RSA_WITH_DES_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_DH_anon_EXPORT_WITH_RC4_40_MD5
TLS_DH_anon_WITH_RC4_128_MD5
TLS_DH_anon_EXPORT_WITH_DES_40_CBC_SHA
TLS_DH_anon_WITH_DES_CBC_SHA
TLS_DH_anon_WITH_3DES_EDE_CBC_SHA

The default is TLS_RSA_EXPORT_WITH_RC4_40_MD5.

Returns:: The ciphersuites value

setCiphersuites

public void setCiphersuites(java.lang.String[] ciphers)
                     throws javax.management.InvalidAttributeValueException

Sets the ciphersuites attribute of the SSLMBean object

Parameters:: ciphers - The new ciphersuites value
Throws:: javax.management.InvalidAttributeValueException -

getCertAuthenticator

public java.lang.String getCertAuthenticator()

The name of the Java class that implements the weblogic.security.acl.CertAuthenticator class. This class maps the digital certificate of a client to a WebLogic Server user. the weblogic.security.acl.CertAuthenticator class has an authenticate() method that WebLogic Server calls after validating the digital certificate presented by the client.

Default Value: null
Old Property: weblogic.security.realm.certAuthenticator
Secure Value: weblogic.security.acl.CertAuthenticator
Returns:: The certAuthenticator value

setCertAuthenticator

public void setCertAuthenticator(java.lang.String classname)
                          throws javax.management.InvalidAttributeValueException

Sets the certAuthenticator attribute of the SSLMBean object

Parameters:: classname - The new certAuthenticator value
Throws:: javax.management.InvalidAttributeValueException -

getHostnameVerifier

public java.lang.String getHostnameVerifier()

The name of the class that implements the weblogic.security.SSL.HostnameVerifier class. This class verifies that the host name in the URL received from an SSL client matches the common name in the server certificate's distinguished name. This class prevents man-in-the-middle attacks. The weblogic.security.SSL.HostnameVerifier has a verify() method that WebLogic Server calls on the client during the SSL handshake.

Default Value: null
Old Property: weblogic.security.SSL.hostnameVerifier
Secure Value: weblogic.security.SSL.HostnameVerifier
Returns:: The hostnameVerifier value

setHostnameVerifier

public void setHostnameVerifier(java.lang.String classname)
                         throws javax.management.InvalidAttributeValueException

Sets the hostnameVerifier attribute of the SSLMBean object

Parameters:: classname - The new hostnameVerifier value
Throws:: javax.management.InvalidAttributeValueException -

isHostnameVerificationIgnored

public boolean isHostnameVerificationIgnored()

Indicates whether the installed implementation of the weblogic.security.SSL.HostnameVerifier class is enabled.

Returns:: The hostnameVerificationIgnored value

setHostnameVerificationIgnored

public void setHostnameVerificationIgnored(boolean ignoreFlag)
                                    throws javax.management.InvalidAttributeValueException

Sets the hostnameVerificationIgnored attribute of the SSLMBean object

Default Value: false
Old Property: weblogic.security.SSL.ignoreHostnameVerification
Secure Value: false
Parameters:: ignoreFlag - The new hostnameVerificationIgnored value
Throws:: javax.management.InvalidAttributeValueException -

getTrustedCAFileName

public java.lang.String getTrustedCAFileName()

Deprecated. as of 8.1, trusted CAs should be stored in keystores.

The name of the file containing the PEM-encoded trusted certificate authorities.

A configurable MBean attribute
Default Value: "trusted-ca.pem"
Old Property: weblogic.security.clientRootCA
Returns:: The trustedCAFileName value

setTrustedCAFileName

public void setTrustedCAFileName(java.lang.String fileName)
                          throws javax.management.InvalidAttributeValueException

Deprecated. as of 8.1, trusted CAs should be stored in keystores.

The name of the file that contains the digital certificate(s) for the certificate authority(s) trusted by WebLogic Server. The file specified in this attribute can contain a single digital certificate or multiple digital certificates. The file extension ( .DER or .PEM) tells WebLogic Server how to read the contents of the file.

Parameters:: fileName - The new trustedCAFileName value
Throws:: javax.management.InvalidAttributeValueException -

getPeerValidationEnforced

public int getPeerValidationEnforced()

Deprecated. As of WLS 6.1, this is an unused attribute

A non-configurable MBean attribute.
Default Value: 0
Returns:: The peerValidationEnforced value

setPeerValidationEnforced

public void setPeerValidationEnforced(int checkLevel)
                               throws javax.management.InvalidAttributeValueException

Sets the peerValidationEnforced attribute of the SSLMBean object

Parameters:: checkLevel - The new peerValidationEnforced value
Throws:: javax.management.InvalidAttributeValueException -

isKeyEncrypted

public boolean isKeyEncrypted()

This attribute is no longer used as of WLS 7.0. Specifies whether or not the private key for the WebLogic Server has been encrypted with a password.

If the attribute is set to true, the private key requires a password be supplied in order to use the key.
If the attribute is set to false, the private key is unencrypted and may be used without providing a password.

A configurable MBean attribute
Default Value: false
Secure Value: true
Returns:: The keyEncrypted value

setKeyEncrypted

public void setKeyEncrypted(boolean keyIsEncrypted)
                     throws javax.management.InvalidAttributeValueException

This attribute is no longer used as of WLS 7.0. Sets the keyEncrypted attribute of the SSLMBean object

Parameters:: keyIsEncrypted - The new keyEncrypted value
Throws:: javax.management.InvalidAttributeValueException -

getExportKeyLifespan

public int getExportKeyLifespan()

Specifies the number of times WebLogic Server can use an exportable key between a domestic server and an exportable client before generating a new key. The more secure you want WebLogic Server to be, the fewer times the key should be used before generating a new key.

Default Value: 500
Old Property: weblogic.security.key.export.lifespan
Returns:: The exportKeyLifespan value

setExportKeyLifespan

public void setExportKeyLifespan(int lifespan)
                          throws javax.management.InvalidAttributeValueException

Set the lifespan of the SSL server encryption key.

Legal Minimum Value: 1
Legal Maximum Value: java.lang.Integer.MAX_VALUE
Parameters:: lifespan - The new exportKeyLifespan value
Throws:: javax.management.InvalidAttributeValueException -

isClientCertificateEnforced

public boolean isClientCertificateEnforced()

Defines whether or not clients must present digital certificates from a trusted certificate authority to WebLogic Server.

A configurable MBean attribute
Default Value: false
Old Property: weblogic.security.enforceClientCert
Returns:: The clientCertificateEnforced value

setClientCertificateEnforced

public void setClientCertificateEnforced(boolean enforce)

Defines whether or not clients must present digital certificates from a trusted certificate authority to WebLogic Server.

Secure Value: true
Parameters:: enforce - The new clientCertificateEnforced value

getServerCertificateFileName

public java.lang.String getServerCertificateFileName()

Deprecated. as of 8.1, server certificates (and chains) should be stored in keystores.

The full directory location and name of the digital certificate for WebLogic Server. The file extension ( .DER or .PEM) tells WebLogic Server how to read the contents of the file.

A configurable MBean attribute
Default Value: "server-cert.der"
Old Property: weblogic.security.certificate.server
Returns:: The serverCertificateFileName value

setServerCertificateFileName

public void setServerCertificateFileName(java.lang.String fileName)

Deprecated. as of 8.1, server certificates (and chains) should be stored in keystores.

Sets the serverCertificateFileName attribute of the SSLMBean object

Parameters:: fileName - The new serverCertificateFileName value

getListenPort

public int getListenPort()

The TCP/IP port at which the WebLogic Server listens for SSL connection requests.

A configurable MBean attribute
Default Value: 7002
Old Property: weblogic.system.SSLListenPort
Returns:: The listenPort value
See Also:: isEnabled(), ServerMBean.getListenPort(), ServerMBean.getAdministrationPort(), NetworkChannelMBean.getListenPort(), NetworkChannelMBean.getSSLListenPort()

setListenPort

public void setListenPort(int port)

Set the TCP/IP port at which the WebLogic Server listens for SSL connection requests.

Legal Minimum Value: 1
Legal Maximum Value: 65535
Parameters:: port - The new listenPort value
See Also:: isEnabled(), ServerMBean.getListenPort(), ServerMBean.getAdministrationPort(), NetworkChannelMBean.getListenPort(), NetworkChannelMBean.getSSLListenPort()

getServerCertificateChainFileName

public java.lang.String getServerCertificateChainFileName()

Deprecated. Deprecated in WebLogic Server version 7.0.

This attribute is no longer used as of WLS 7.0. The full directory location and name of the file containing an ordered list of certificate authorities trusted by WebLogic Server. The .PEM file extension indicates that method that should be used to read the file. Note that the digital certificate for WebLogic Server should not be stored in this file.

A configurable MBean attribute
Default Value: "server-certchain.pem"
Returns:: The serverCertificateChainFileName value

setServerCertificateChainFileName

public void setServerCertificateChainFileName(java.lang.String fileName)

This attribute is no longer used as of WLS 7.0. The list of file names that contain server certificate authorities. This method returns an immutable list of filenames.

Parameters:: fileName - The new serverCertificateChainFileName value

getCertificateCacheSize

public int getCertificateCacheSize()

The number of certificates held that have not been redeemed by tokens.

A configurable MBean attribute
Default Value: 3
Old Property: weblogic.security.certificateCacheSize
Legal Minimum Value: 1
Legal Maximum Value: java.lang.Integer.MAX_VALUE
Returns:: The certificateCacheSize value

setCertificateCacheSize

public void setCertificateCacheSize(int size)

Set the number of certificates held that have not been redeemed by tokens.

Default Value: 3
Legal Minimum Value: 1
Legal Maximum Value: java.lang.Integer.MAX_VALUE
Parameters:: size - The new certificateCacheSize value

isHandlerEnabled

public boolean isHandlerEnabled()

Not used. Ignore.

A configurable MBean attribute
Default Value: true
Old Property: weblogic.security.SSLHandler.enable
Returns:: The handlerEnabled value

setHandlerEnabled

public void setHandlerEnabled(boolean enable)

Not used. Ignore.

Parameters:: enable - The new handlerEnabled value

getLoginTimeoutMillis

public int getLoginTimeoutMillis()

Specifies the number of milliseconds that WebLogic Server waits for an SSL connection before timing out. SSL connections take longer to negotiate than regular connections.

If clients are connecting over the Internet, raise the default number to accommodate additional network latency.

A dynamic MBean attribute
Default Value: 25000
Old Property: weblogic.login.readTimeoutMillisSSL
Returns:: The loginTimeoutMillis value
See Also:: ServerMBean.getLoginTimeoutMillis(), NetworkChannelMBean.getLoginTimeoutMillisSSL()

setLoginTimeoutMillis

public void setLoginTimeoutMillis(int millis)

Sets the number of milliseconds that WebLogic Server waits for an SSL connection before timing out. SSL connections take longer to negotiate than regular connections.

If clients are connecting over the Internet, raise the default number to accommodate additional network latency.

Legal Minimum Value: 1
Legal Maximum Value: java.lang.Integer.MAX_VALUE
Parameters:: millis - The new loginTimeoutMillis value
See Also:: ServerMBean.getLoginTimeoutMillis(), NetworkChannelMBean.getLoginTimeoutMillisSSL()

getServerKeyFileName

public java.lang.String getServerKeyFileName()

Deprecated. as of 8.1, private keys should be stored in keystores.

The full directory location and name of the private key for WebLogic Server. The file extension (.PEM) indicates the method that should be used to read the file.

A configurable MBean attribute
Default Value: "server-key.der"
Old Property: weblogic.security.key.server
Returns:: The serverKeyFileName value

setServerKeyFileName

public void setServerKeyFileName(java.lang.String fileName)

Deprecated. as of 8.1, private keys should be stored in keystores.

Set the file containing the SSL server encryption key.

Parameters:: fileName - The new serverKeyFileName value

isTwoWaySSLEnabled

public boolean isTwoWaySSLEnabled()

Is two way SSL enabled?

A configurable MBean attribute
Default Value: "false"
Secure Value: "true"
Returns:: The twoWaySSLEnabled value

setTwoWaySSLEnabled

public void setTwoWaySSLEnabled(boolean enabled)

Sets the twoWaySSLEnabled attribute of the SSLMBean object

Parameters:: enabled - The new twoWaySSLEnabled value

getServerPrivateKeyAlias

public java.lang.String getServerPrivateKeyAlias()

The string alias used to store and retrieve the server's private key in the keystore. This private key is associated with the server's digital certificate.

A configurable MBean attribute
Default Value: null
Returns:: The serverPrivateKeyAlias value

setServerPrivateKeyAlias

public void setServerPrivateKeyAlias(java.lang.String alias)

Sets the serverPrivateKeyAlias attribute of the SSLMBean object

Parameters:: alias - The new serverPrivateKeyAlias value

getServerPrivateKeyPassPhrase

public java.lang.String getServerPrivateKeyPassPhrase()

The passphrase used to retrieve the server's private key from the keystore. This passphrase is assigned to the private key when it is generated.

As of 8.1 sp4, the getServerPrivateKeyPassPhrase() method does the following:

Retrieves the value of the ServerPrivateKeyPassPhraseEncrypted attribute.
Decrypts the value and returns the unencrypted passphrase as a String.

Using getServerPrivateKeyPassPhrase() is a potential security risk because the String object (which contains the unencrypted passphrase) remains in the JVM's memory until garbage collection removes it. Depending on how memory is allocated in the JVM, a significant amount of time could pass before this unencrypted data is removed from memory.

Instead of using this method, use getServerPrivateKeyPassPhraseEncrypted() to retrieve the encrypted pass phrase. On the same WebLogic Server that encrypted the value of the ServerPrivateKeyPassPhraseEncrypted attribute, use weblogic.management.EncryptionHelper.encrypt() to encrypt the user-supplied pass phrase. Then compare the encrypted values.

A non-configurable MBean attribute.
Default Value: null
Returns:: The serverPrivateKeyPassPhrase value
See Also:: getServerPrivateKeyPassPhraseEncrypted()

setServerPrivateKeyPassPhrase

public void setServerPrivateKeyPassPhrase(java.lang.String phrase)

As of 8.1 sp4, this method does the following:

Encrypts the parameter value.
Sets the value of the ServerPrivateKeyPassPhraseEncrypted attribute to the encrypted parameter value.

A non-configurable MBean attribute.
Parameters:: phrase - The new serverPrivateKeyPassPhrase value
See Also:: setServerPrivateKeyPassPhraseEncrypted(byte[] bytes)

getServerPrivateKeyPassPhraseEncrypted

public byte[] getServerPrivateKeyPassPhraseEncrypted()

The encrypted passphrase used to retrieve the server's private key from the keystore. This passphrase is assigned to the private key when it is generated.

A configurable MBean attribute
Default Value: null
Returns:: The serverPrivateKeyPassPhrase value in encrypted form.
See Also:: EncryptionHelper

setServerPrivateKeyPassPhraseEncrypted

public void setServerPrivateKeyPassPhraseEncrypted(byte[] bytes)

Encrypts and sets the value of the ServerPrivateKeyPassPhraseEncrypted attribute.

Parameters:: bytes - The new serverPrivateKeyPassPhrase value a byte array.
See Also:: getServerPrivateKeyPassPhraseEncrypted()

isSSLRejectionLoggingEnabled

public boolean isSSLRejectionLoggingEnabled()

This setting controls whether logging is done when a connection over SSL is rejected.

A dynamic MBean attribute
A configurable MBean attribute
Default Value: "true"
Returns:: The sSLRejectionLoggingEnabled value

setSSLRejectionLoggingEnabled

public void setSSLRejectionLoggingEnabled(boolean enabled)

Sets the sSLRejectionLoggingEnabled attribute of the SSLMBean object

Parameters:: enabled - The new sSLRejectionLoggingEnabled value

getIdentityAndTrustLocations

public java.lang.String getIdentityAndTrustLocations()

Indicates where SSL should find the server's identity (certificate and private key) as well as the server's trust (trusted CAs).

If set to KEYSTORES, then SSL retrieves the identity and trust from the server's keystores (that are configured on the Server MBean).

If set to FILES_OR_KEYSTORE_PROVIDERS, then SSL first looks in the deprecated KeyStore providers for the identity and trust. If not found, then it looks in the flat files indicated by the SSLMBean's TrustedCAFileName, ServerCertificateFileName and ServerKeyFileName attributes.

Domains created in WLS 8.1 or later default to KEYSTORES. Domains created before WLS 8.1 default to FILES_OR_KEYSTORE_PROVIDERS.

A configurable MBean attribute
Legal Values: IDENTITY_AND_TRUST_LOCATIONS_KEYSTORES, IDENTITY_AND_TRUST_LOCATIONS_FILES_OR_KEYSTORE_PROVIDERS
Returns:: The identityAndTrustLocations value

setIdentityAndTrustLocations

public void setIdentityAndTrustLocations(java.lang.String locations)

Sets the identityAndTrustLocations attribute of the SSLMBean object

Parameters:: locations - The new identityAndTrustLocations value