Class ClientSSLOptions

java.lang.Object
io.vertx.core.net.SSLOptions
io.vertx.core.net.ClientSSLOptions
public class ClientSSLOptions extends SSLOptions
Client SSL options.

  • Field Details

    • DEFAULT_HOSTNAME_VERIFICATION_ALGORITHM

      public static final String DEFAULT_HOSTNAME_VERIFICATION_ALGORITHM
      Default value to determine hostname verification algorithm hostname verification (for SSL/TLS) = null

    • DEFAULT_TRUST_ALL

      public static final boolean DEFAULT_TRUST_ALL
      The default value of whether all servers (SSL/TLS) should be trusted = false
      See Also:

  • Constructor Details

    • ClientSSLOptions

      public ClientSSLOptions()
      Default constructor

    • ClientSSLOptions

      public ClientSSLOptions(ClientSSLOptions other)
      Copy constructor
      Parameters:
      other - the options to copy

    • ClientSSLOptions

      public ClientSSLOptions(JsonObject json)
      Create options from JSON
      Parameters:
      json - the JSON

  • Method Details

    • init

      protected void init()
      Overrides:
      init in class SSLOptions

    • copy

      public ClientSSLOptions copy()
      Overrides:
      copy in class SSLOptions

    • getHostnameVerificationAlgorithm

      public String getHostnameVerificationAlgorithm()
      Returns:
      the value of the hostname verification algorithm

    • setHostnameVerificationAlgorithm

      public ClientSSLOptions setHostnameVerificationAlgorithm(String hostnameVerificationAlgorithm)
      Set the hostname verification algorithm interval
      Parameters:
      hostnameVerificationAlgorithm - should be HTTPS, LDAPS or a null
      Returns:
      a reference to this, so the API can be used fluently

    • isTrustAll

      public boolean isTrustAll()
      Returns:
      true if all server certificates should be trusted

    • setTrustAll

      public ClientSSLOptions setTrustAll(boolean trustAll)
      Set whether all server certificates should be trusted
      Parameters:
      trustAll - true if all should be trusted
      Returns:
      a reference to this, so the API can be used fluently

    • setKeyCertOptions

      public ClientSSLOptions setKeyCertOptions(KeyCertOptions options)
      Description copied from class: SSLOptions
      Set the key/cert options.
      Overrides:
      setKeyCertOptions in class SSLOptions
      Parameters:
      options - the key store options
      Returns:
      a reference to this, so the API can be used fluently

    • setTrustOptions

      public ClientSSLOptions setTrustOptions(TrustOptions options)
      Description copied from class: SSLOptions
      Set the trust options.
      Overrides:
      setTrustOptions in class SSLOptions
      Parameters:
      options - the trust options
      Returns:
      a reference to this, so the API can be used fluently

    • setUseAlpn

      public ClientSSLOptions setUseAlpn(boolean useAlpn)
      Description copied from class: SSLOptions
      Set the ALPN usage.
      Overrides:
      setUseAlpn in class SSLOptions
      Parameters:
      useAlpn - true when Application-Layer Protocol Negotiation should be used

    • setUseHybridKeyExchangeProtocol

      public ClientSSLOptions setUseHybridKeyExchangeProtocol(boolean useHybridKeyExchangeProtocol)
      Description copied from class: SSLOptions
      Enable or disable the hybrid post-quantum key exchange protocol X25519MLKEM768.

      When enabled, TLS connections will use X25519MLKEM768 for key exchange, providing protection against quantum computer attacks.

      This feature requires OpenSSL and will not work with the JDK SSL engine. You must:

      • Use OpenSSLEngineOptions as the SSL engine
      • Have io.netty:netty-tcnative-classes on the classpath
      • Have an OpenSSL provider (e.g. io.smallrye:smallrye-openssl) on the classpath
      If OpenSSL is not available, the TLS handshake will fail rather than silently falling back to a non-quantum-safe key exchange.
      Overrides:
      setUseHybridKeyExchangeProtocol in class SSLOptions
      Parameters:
      useHybridKeyExchangeProtocol - true to enable hybrid key exchange
      Returns:
      a reference to this, so the API can be used fluently

    • setSslHandshakeTimeout

      public ClientSSLOptions setSslHandshakeTimeout(long sslHandshakeTimeout)
      Description copied from class: SSLOptions
      Set the SSL handshake timeout, default time unit is seconds.
      Overrides:
      setSslHandshakeTimeout in class SSLOptions
      Parameters:
      sslHandshakeTimeout - the SSL handshake timeout to set, in milliseconds
      Returns:
      a reference to this, so the API can be used fluently

    • setSslHandshakeTimeoutUnit

      public ClientSSLOptions setSslHandshakeTimeoutUnit(TimeUnit sslHandshakeTimeoutUnit)
      Description copied from class: SSLOptions
      Set the SSL handshake timeout unit. If not specified, default is seconds.
      Overrides:
      setSslHandshakeTimeoutUnit in class SSLOptions
      Parameters:
      sslHandshakeTimeoutUnit - specify time unit.
      Returns:
      a reference to this, so the API can be used fluently

    • setEnabledSecureTransportProtocols

      public ClientSSLOptions setEnabledSecureTransportProtocols(Set<String> enabledSecureTransportProtocols)
      Description copied from class: SSLOptions
      Sets the list of enabled SSL/TLS protocols.
      Overrides:
      setEnabledSecureTransportProtocols in class SSLOptions
      Parameters:
      enabledSecureTransportProtocols - the SSL/TLS protocols to enable
      Returns:
      a reference to this, so the API can be used fluently

    • setApplicationLayerProtocols

      public ClientSSLOptions setApplicationLayerProtocols(List<String> protocols)
      Description copied from class: SSLOptions
      Set the list of application-layer protocols to provide to the server during the Application-Layer Protocol Negotiation.
      Overrides:
      setApplicationLayerProtocols in class SSLOptions
      Parameters:
      protocols - the protocols
      Returns:
      a reference to this, so the API can be used fluently

    • addCrlPath

      public ClientSSLOptions addCrlPath(String crlPath) throws NullPointerException
      Description copied from class: SSLOptions
      Add a CRL path
      Overrides:
      addCrlPath in class SSLOptions
      Parameters:
      crlPath - the path
      Returns:
      a reference to this, so the API can be used fluently
      Throws:
      NullPointerException

    • addCrlValue

      public ClientSSLOptions addCrlValue(Buffer crlValue) throws NullPointerException
      Description copied from class: SSLOptions
      Add a CRL value
      Overrides:
      addCrlValue in class SSLOptions
      Parameters:
      crlValue - the value
      Returns:
      a reference to this, so the API can be used fluently
      Throws:
      NullPointerException

    • removeEnabledCipherSuite

      public ClientSSLOptions removeEnabledCipherSuite(String suite)
      Description copied from class: SSLOptions
      Removes an enabled cipher suite from the ordered suites.
      Overrides:
      removeEnabledCipherSuite in class SSLOptions
      Parameters:
      suite - the suite
      Returns:
      a reference to this, so the API can be used fluently

    • addEnabledSecureTransportProtocol

      public ClientSSLOptions addEnabledSecureTransportProtocol(String protocol)
      Description copied from class: SSLOptions
      Add an enabled SSL/TLS protocols, appended to the ordered protocols.
      Overrides:
      addEnabledSecureTransportProtocol in class SSLOptions
      Parameters:
      protocol - the SSL/TLS protocol to enable
      Returns:
      a reference to this, so the API can be used fluently

    • removeEnabledSecureTransportProtocol

      public ClientSSLOptions removeEnabledSecureTransportProtocol(String protocol)
      Description copied from class: SSLOptions
      Removes an enabled SSL/TLS protocol from the ordered protocols.
      Overrides:
      removeEnabledSecureTransportProtocol in class SSLOptions
      Parameters:
      protocol - the SSL/TLS protocol to disable
      Returns:
      a reference to this, so the API can be used fluently

    • addEnabledCipherSuite

      public ClientSSLOptions addEnabledCipherSuite(String suite)
      Description copied from class: SSLOptions
      Add an enabled cipher suite, appended to the ordered suites.
      Overrides:
      addEnabledCipherSuite in class SSLOptions
      Parameters:
      suite - the suite
      Returns:
      a reference to this, so the API can be used fluently
      See Also:

    • toJson

      public JsonObject toJson()
      Convert to JSON
      Overrides:
      toJson in class SSLOptions
      Returns:
      the JSON