public interface SecureJettyConfiguration extends JettyConfiguration
SecureJettyMixin
.
Only the three keystore related properties are mandatory, all the other ones have sensible defaults.Modifier and Type | Method and Description |
---|---|
org.qi4j.api.property.Property<Boolean> |
allowRenegotiation()
If SSL/TLS renegotiation is allowed.
|
org.qi4j.api.property.Property<Boolean> |
cacheSslSessions()
If SSL Session caching is enabled.
|
org.qi4j.api.property.Property<String> |
certAlias()
Alias of the
SecureJettyService certificate. |
org.qi4j.api.property.Property<String> |
crlFilePath() |
org.qi4j.api.property.Property<Boolean> |
enableCRLDP() |
org.qi4j.api.property.Property<Boolean> |
enableOCSP() |
org.qi4j.api.property.Property<String> |
excludeCipherSuites() |
org.qi4j.api.property.Property<String> |
includeCipherSuites() |
org.qi4j.api.property.Property<String> |
keystorePassword() |
org.qi4j.api.property.Property<String> |
keystorePath() |
org.qi4j.api.property.Property<String> |
keystoreType() |
org.qi4j.api.property.Property<Integer> |
maxCertPathLength()
Maximum number of intermediate certificates in the PKIX path.
|
org.qi4j.api.property.Property<Boolean> |
needClientAuth()
If the
SecureJettyService needs client authentication. |
org.qi4j.api.property.Property<String> |
ocspResponderURL() |
org.qi4j.api.property.Property<String> |
secureRandomAlgorithm()
The algorithm used by
SecureRandom for SSL operations. |
org.qi4j.api.property.Property<String> |
truststorePassword() |
org.qi4j.api.property.Property<String> |
truststorePath() |
org.qi4j.api.property.Property<String> |
truststoreType() |
org.qi4j.api.property.Property<Boolean> |
validatePeerCerts()
If client certificates PKIX validation MUST use either CRL or OCSP.
|
org.qi4j.api.property.Property<Boolean> |
validateServerCert()
If the
SecureJettyService certificate MUST be PKIX validated. |
org.qi4j.api.property.Property<Boolean> |
wantClientAuth()
If the
SecureJettyService wants client authentication. |
contextPath, gracefullShutdownTimeout, hostName, lowResourceMaxIdleTime, maxFormContentSize, maxIdleTime, port, requestHeaderSize, resourcePath, responseBufferSize, responseHeaderSize, sendDateHeader, sendServerVersion, statistics, virtualHosts, welcomeFiles
org.qi4j.api.property.Property<String> keystoreType()
SecureJettyService
certificate.org.qi4j.api.property.Property<String> keystorePath()
SecureJettyService
certificate.@UseDefaults org.qi4j.api.property.Property<String> keystorePassword()
SecureJettyService
certificate.@Optional org.qi4j.api.property.Property<String> certAlias()
SecureJettyService
certificate.
If not set, the first certificate found in the keystore is used.SecureJettyService
certificate.@Optional org.qi4j.api.property.Property<String> truststoreType()
SecureJettyService
.@Optional org.qi4j.api.property.Property<String> truststorePath()
SecureJettyService
.@UseDefaults org.qi4j.api.property.Property<String> truststorePassword()
SecureJettyService
.@UseDefaults org.qi4j.api.property.Property<Boolean> wantClientAuth()
SecureJettyService
wants client authentication.
Defaults to false. If set to true, the SecureJettyService
will expose the fact that it can handle client
certificate based authentication.SecureJettyService
wants client authentication.@UseDefaults org.qi4j.api.property.Property<Boolean> needClientAuth()
SecureJettyService
needs client authentication.
Defaults to false. If set to true, only mutually authentified connections will be accepted.SecureJettyService
needs client authentication.@Optional org.qi4j.api.property.Property<String> secureRandomAlgorithm()
SecureRandom
for SSL operations.
Default JVM algorithm is used if omitted.SecureRandom
for SSL operations.@Optional org.qi4j.api.property.Property<String> includeCipherSuites()
@Optional org.qi4j.api.property.Property<String> excludeCipherSuites()
@Optional org.qi4j.api.property.Property<Boolean> cacheSslSessions()
@UseDefaults org.qi4j.api.property.Property<Boolean> allowRenegotiation()
@Optional org.qi4j.api.property.Property<Integer> maxCertPathLength()
@UseDefaults org.qi4j.api.property.Property<Boolean> validateServerCert()
SecureJettyService
certificate MUST be PKIX validated.
IMPORTANT:
Defaults to false.
SecureJettyService
certificate MUST be PKIX validated.@UseDefaults org.qi4j.api.property.Property<Boolean> validatePeerCerts()
IMPORTANT:
Defaults to false.
@Optional org.qi4j.api.property.Property<String> crlFilePath()
@UseDefaults org.qi4j.api.property.Property<Boolean> enableCRLDP()
@UseDefaults org.qi4j.api.property.Property<Boolean> enableOCSP()
@Optional org.qi4j.api.property.Property<String> ocspResponderURL()