< prev index next >

src/java.base/share/classes/javax/net/ssl/SSLParameters.java

Print this page

        

*** 86,95 **** --- 86,96 ---- private Map<Integer, SNIMatcher> sniMatchers = null; private boolean preferLocalCipherSuites; private boolean enableRetransmissions = true; private int maximumPacketSize = 0; private String[] applicationProtocols = new String[0]; + private boolean useCertificateAuthorities = false; /** * Constructs SSLParameters. * <p> * The values of cipherSuites, protocols, cryptographic algorithm
*** 673,678 **** --- 674,730 ---- "An element of protocols was null/empty"); } } applicationProtocols = tempProtocols; } + + /** + * Returns whether or not the use of Certificate Authorities + * TLS extension is enabled on either a Client or a Server. + * <p> + * When the extension is enabled on a Client, information + * regarding its trusted certificate authorities is sent in + * a {@code ClientHello} message, during the TLS handshake. + * <p> + * When the extension is enabled on a Server, information + * regarding its trusted certificate authorities is sent in + * a {@code CertificateRequest} message, during the TLS handshake + * (assuming the Server requires client certificate authentication). + * <p> + * This is part of Certificate Authorities TLS extension (TLS 1.3). + * See further information in + * <a href="https://tools.ietf.org/html/draft-ietf-tls-tls13-20#section-4.2.4">TLS 1.3</a>. + * + * @return a boolean value indicating whether or not the use of + * Certificate Authorities TLS extension is enabled. + */ + public boolean getUseCertificateAuthorities() { + return useCertificateAuthorities; + } + + /** + * Sets whether or not the use of Certificate Authorities + * TLS extension should be enabled on either a Client or a Server. + * <p> + * When the extension is enabled on a Client, information + * regarding its trusted certificate authorities is sent in + * a {@code ClientHello} message, during the TLS handshake. + * <p> + * When the extension is enabled on a Server, information + * regarding its trusted certificate authorities is sent in + * a {@code CertificateRequest} message, during the TLS handshake + * (assuming the Server requires Client certificate authentication). + * <p> + * This is part of Certificate Authorities TLS extension (TLS 1.3). + * See further information in + * <a href="https://tools.ietf.org/html/draft-ietf-tls-tls13-20#section-4.2.4">TLS 1.3</a>. + * + * @param useCertificateAuthorities whether or not the use of Certificate + * Authorities TLS extension should be enabled. + * @throws UnsupportedOperationException if the underlying provider + * does not implement the operation. + */ + public void setUseCertificateAuthorities(boolean useCertificateAuthorities) { + this.useCertificateAuthorities = useCertificateAuthorities; + } + }
< prev index next >