SSLSession
public abstract class ExtendedSSLSession extends Object implements SSLSession
SSLSession
interface to support additional session attributes.Constructor | Description |
---|---|
ExtendedSSLSession() |
Constructor for subclasses to call. |
Modifier and Type | Method | Description |
---|---|---|
abstract String[] |
getLocalSupportedSignatureAlgorithms() |
Obtains an array of supported signature algorithms that the local side is willing to use. |
abstract String[] |
getPeerSupportedSignatureAlgorithms() |
Obtains an array of supported signature algorithms that the peer is able to use. |
List |
getRequestedServerNames() |
Obtains a List containing all SNIServerName s of the requested Server Name Indication (SNI) extension. |
List |
getStatusResponses() |
Returns a List containing DER-encoded OCSP responses (using the ASN.1 type OCSPResponse defined in RFC 6960) for the client to verify status of the server's certificate during handshaking. |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
getApplicationBufferSize, getCipherSuite, getCreationTime, getId, getLastAccessedTime, getLocalCertificates, getLocalPrincipal, getPacketBufferSize, getPeerCertificateChain, getPeerCertificates, getPeerHost, getPeerPort, getPeerPrincipal, getProtocol, getSessionContext, getValue, getValueNames, invalidate, isValid, putValue, removeValue
public ExtendedSSLSession()
public abstract String[] getLocalSupportedSignatureAlgorithms()
Note: this method is used to indicate to the peer which signature algorithms may be used for digital signatures in TLS/DTLS 1.2. It is not meaningful for TLS/DTLS versions prior to 1.2.
The signature algorithm name must be a standard Java Security name (such as "SHA1withRSA", "SHA256withECDSA", and so on). See the Java Security Standard Algorithm Names document for information about standard algorithm names.
Note: the local supported signature algorithms should conform to the algorithm constraints specified by getAlgorithmConstraints()
method in SSLParameters
.
public abstract String[] getPeerSupportedSignatureAlgorithms()
Note: this method is used to indicate to the local side which signature algorithms may be used for digital signatures in TLS/DTLS 1.2. It is not meaningful for TLS/DTLS versions prior to 1.2.
The signature algorithm name must be a standard Java Security name (such as "SHA1withRSA", "SHA256withECDSA", and so on). See the Java Security Standard Algorithm Names document for information about standard algorithm names.
public List<SNIServerName> getRequestedServerNames()
List
containing all SNIServerName
s of the requested Server Name Indication (SNI) extension. In server mode, unless the return List
is empty, the server should use the requested server names to guide its selection of an appropriate authentication certificate, and/or other aspects of security policy.
In client mode, unless the return List
is empty, the client should use the requested server names to guide its endpoint identification of the peer's identity, and/or other aspects of security policy.
SNIServerName
s of the requested server name indications. The returned list may be empty if no server name indications were requested.UnsupportedOperationException
- if the underlying provider does not implement the operationpublic List<byte[]> getStatusResponses()
List
containing DER-encoded OCSP responses (using the ASN.1 type OCSPResponse defined in RFC 6960) for the client to verify status of the server's certificate during handshaking. This method only applies to certificate-based server authentication. An X509ExtendedTrustManager
will use the returned value for server certificate validation.
SSLSession.getLocalCertificates()
for server mode, and SSLSession.getPeerCertificates()
for client mode). It is possible that fewer response entries may be returned than the number of presented certificates. If an entry in the list is a zero-length byte array, it should be treated by the caller as if the OCSP entry for the corresponding certificate is missing. The returned list may be empty if no OCSP responses were presented during handshaking or if OCSP stapling is not supported by either endpoint for this handshake.UnsupportedOperationException
- if the underlying provider does not implement the operation
© 1993, 2023, Oracle and/or its affiliates. All rights reserved.
Documentation extracted from Debian's OpenJDK Development Kit package.
Licensed under the GNU General Public License, version 2, with the Classpath Exception.
Various third party code in OpenJDK is licensed under different licenses (see Debian package).
Java and OpenJDK are trademarks or registered trademarks of Oracle and/or its affiliates.
https://docs.oracle.com/en/java/javase/21/docs/api/java.base/javax/net/ssl/ExtendedSSLSession.html