< prev index next >
src/java.base/share/classes/javax/net/ssl/SSLParameters.java
Print this page
*** 86,95 ****
--- 86,96 ----
private Map<Integer, SNIMatcher> sniMatchers = null;
private boolean preferLocalCipherSuites;
private boolean enableRetransmissions = true;
private int maximumPacketSize = 0;
private String[] applicationProtocols = new String[0];
+ private boolean useCertificateAuthorities = false;
/**
* Constructs SSLParameters.
* <p>
* The values of cipherSuites, protocols, cryptographic algorithm
*** 673,678 ****
--- 674,730 ----
"An element of protocols was null/empty");
}
}
applicationProtocols = tempProtocols;
}
+
+ /**
+ * Returns whether or not the use of Certificate Authorities
+ * TLS extension is enabled on either a Client or a Server.
+ * <p>
+ * When the extension is enabled on a Client, information
+ * regarding its trusted certificate authorities is sent in
+ * a {@code ClientHello} message, during the TLS handshake.
+ * <p>
+ * When the extension is enabled on a Server, information
+ * regarding its trusted certificate authorities is sent in
+ * a {@code CertificateRequest} message, during the TLS handshake
+ * (assuming the Server requires client certificate authentication).
+ * <p>
+ * This is part of Certificate Authorities TLS extension (TLS 1.3).
+ * See further information in
+ * <a href="https://tools.ietf.org/html/draft-ietf-tls-tls13-20#section-4.2.4">TLS 1.3</a>.
+ *
+ * @return a boolean value indicating whether or not the use of
+ * Certificate Authorities TLS extension is enabled.
+ */
+ public boolean getUseCertificateAuthorities() {
+ return useCertificateAuthorities;
+ }
+
+ /**
+ * Sets whether or not the use of Certificate Authorities
+ * TLS extension should be enabled on either a Client or a Server.
+ * <p>
+ * When the extension is enabled on a Client, information
+ * regarding its trusted certificate authorities is sent in
+ * a {@code ClientHello} message, during the TLS handshake.
+ * <p>
+ * When the extension is enabled on a Server, information
+ * regarding its trusted certificate authorities is sent in
+ * a {@code CertificateRequest} message, during the TLS handshake
+ * (assuming the Server requires Client certificate authentication).
+ * <p>
+ * This is part of Certificate Authorities TLS extension (TLS 1.3).
+ * See further information in
+ * <a href="https://tools.ietf.org/html/draft-ietf-tls-tls13-20#section-4.2.4">TLS 1.3</a>.
+ *
+ * @param useCertificateAuthorities whether or not the use of Certificate
+ * Authorities TLS extension should be enabled.
+ * @throws UnsupportedOperationException if the underlying provider
+ * does not implement the operation.
+ */
+ public void setUseCertificateAuthorities(boolean useCertificateAuthorities) {
+ this.useCertificateAuthorities = useCertificateAuthorities;
+ }
+
}
< prev index next >