@Generated(value="OracleSDKGenerator", comments="API Version: 20170115") public final class SSLConfigurationDetails extends Object
The load balancer’s SSL handling configuration details.
*Warning:** Oracle recommends that you avoid using any confidential information when you supply string values using the API.
Note: Objects should always be created or deserialized using the SSLConfigurationDetails.Builder. This model distinguishes fields
that are null because they are unset from fields that are explicitly set to null. This is done in
the setter methods of the SSLConfigurationDetails.Builder, which maintain a set of all explicitly set fields called
__explicitlySet__. The hashCode() and equals(Object) methods are implemented to take
__explicitlySet__ into account. The constructor, on the other hand, does not set __explicitlySet__
(since the constructor cannot distinguish explicit null from unset null).
| Modifier and Type | Class and Description |
|---|---|
static class |
SSLConfigurationDetails.Builder |
static class |
SSLConfigurationDetails.ServerOrderPreference
When this attribute is set to ENABLED, the system gives preference to the server ciphers over the client
ciphers.
|
| Constructor and Description |
|---|
SSLConfigurationDetails(Integer verifyDepth,
Boolean verifyPeerCertificate,
String certificateName,
List<String> protocols,
String cipherSuiteName,
SSLConfigurationDetails.ServerOrderPreference serverOrderPreference)
Deprecated.
|
| Modifier and Type | Method and Description |
|---|---|
static SSLConfigurationDetails.Builder |
builder()
Create a new builder.
|
boolean |
equals(Object o) |
Set<String> |
get__explicitlySet__() |
String |
getCertificateName()
A friendly name for the certificate bundle.
|
String |
getCipherSuiteName()
The name of the cipher suite to use for HTTPS or SSL connections.
|
List<String> |
getProtocols()
A list of SSL protocols the load balancer must support for HTTPS or SSL connections.
|
SSLConfigurationDetails.ServerOrderPreference |
getServerOrderPreference()
When this attribute is set to ENABLED, the system gives preference to the server ciphers over the client
ciphers.
|
Integer |
getVerifyDepth()
The maximum depth for peer certificate chain verification.
|
Boolean |
getVerifyPeerCertificate()
Whether the load balancer listener should verify peer certificates.
|
int |
hashCode() |
SSLConfigurationDetails.Builder |
toBuilder() |
String |
toString() |
@ConstructorProperties(value={"verifyDepth","verifyPeerCertificate","certificateName","protocols","cipherSuiteName","serverOrderPreference"}) @Deprecated public SSLConfigurationDetails(Integer verifyDepth, Boolean verifyPeerCertificate, String certificateName, List<String> protocols, String cipherSuiteName, SSLConfigurationDetails.ServerOrderPreference serverOrderPreference)
public static SSLConfigurationDetails.Builder builder()
Create a new builder.
public SSLConfigurationDetails.Builder toBuilder()
public Integer getVerifyDepth()
The maximum depth for peer certificate chain verification.
Example: `3`
public Boolean getVerifyPeerCertificate()
Whether the load balancer listener should verify peer certificates.
Example: `true`
public String getCertificateName()
A friendly name for the certificate bundle. It must be unique and it cannot be changed. Valid certificate bundle names include only alphanumeric characters, dashes, and underscores. Certificate bundle names cannot contain spaces. Avoid entering confidential information.
Example: `example_certificate_bundle`
public List<String> getProtocols()
A list of SSL protocols the load balancer must support for HTTPS or SSL connections.
The load balancer uses SSL protocols to establish a secure connection between a client and a server. A secure connection ensures that all data passed between the client and the server is private.
The Load Balancing service supports the following protocols:
TLSv1 * TLSv1.1 * TLSv1.2
If this field is not specified, TLSv1.2 is the default.
*Warning:** All SSL listeners created on a given port must use the same set of SSL protocols.
*Notes:**
The handshake to establish an SSL connection fails if the client supports none of the specified protocols. * You must ensure compatibility between the specified SSL protocols and the ciphers configured in the cipher suite. * For all existing load balancer listeners and backend sets that predate this feature, the `GET` operation displays a list of SSL protocols currently used by those resources.
example: `[\"TLSv1.1\", \"TLSv1.2\"]`
public String getCipherSuiteName()
The name of the cipher suite to use for HTTPS or SSL connections.
If this field is not specified, the default is `oci-default-ssl-cipher-suite-v1`.
*Notes:**
You must ensure compatibility between the specified SSL protocols and the ciphers configured in the cipher suite. Clients cannot perform an SSL handshake if there is an incompatible configuration. * You must ensure compatibility between the ciphers configured in the cipher suite and the configured certificates. For example, RSA-based ciphers require RSA certificates and ECDSA-based ciphers require ECDSA certificates. * If the cipher configuration is not modified after load balancer creation, the `GET` operation returns `oci-default-ssl-cipher-suite-v1` as the value of this field in the SSL configuration for existing listeners that predate this feature. * If the cipher configuration was modified using Oracle operations after load balancer creation, the `GET` operation returns `oci-customized-ssl-cipher-suite` as the value of this field in the SSL configuration for existing listeners that predate this feature. * The `GET` operation returns `oci-wider-compatible-ssl-cipher-suite-v1` as the value of this field in the SSL configuration for existing backend sets that predate this feature. * If the `GET` operation on a listener returns `oci-customized-ssl-cipher-suite` as the value of this field, you must specify an appropriate predefined or custom cipher suite name when updating the resource. * The `oci-customized-ssl-cipher-suite` Oracle reserved cipher suite name is not accepted as valid input for this field.
example: `example_cipher_suite`
public SSLConfigurationDetails.ServerOrderPreference getServerOrderPreference()
When this attribute is set to ENABLED, the system gives preference to the server ciphers over the client ciphers.
*Note:** This configuration is applicable only when the load balancer is acting as an SSL/HTTPS server. This field is ignored when the `SSLConfiguration` object is associated with a backend set.
Copyright © 2016–2021. All rights reserved.