Module java.base

Class SSLParameters


public class SSLParameters extends Object
Encapsulates parameters for an SSL/TLS/DTLS connection. The parameters are the list of ciphersuites to be accepted in an SSL/TLS/DTLS handshake, the list of protocols to be allowed, the endpoint identification algorithm during SSL/TLS/DTLS handshaking, the Server Name Indication (SNI), the maximum network packet size, the algorithm constraints, the signature schemes, the key exchange named groups and whether SSL/TLS/DTLS servers should request or require client authentication, etc.

SSLParameter objects can be created via the constructors in this class, and can be described as pre-populated objects. SSLParameter objects can also be obtained using the getSSLParameters() methods in SSLSocket and SSLServerSocket and SSLEngine or the getDefaultSSLParameters() and getSupportedSSLParameters() methods in SSLContext, and can be described as connection populated objects.

SSLParameters can be applied to a connection via the methods SSLSocket.setSSLParameters() and SSLServerSocket.setSSLParameters() and SSLEngine.setSSLParameters().

For example:

     SSLParameters p = sslSocket.getSSLParameters();
     p.setProtocols(new String[] { "TLSv1.2" });
         new String[] { "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", ... });
     p.setApplicationProtocols(new String[] {"h2", "http/1.1"});

See Also: