Package io.netty.handler.ssl

Class OpenSsl

  • public final class OpenSsl
extends java.lang.Object
    Tells if netty-tcnative and its OpenSSL support are available.

    • Method Detail

      • isAvailable

        public static boolean isAvailable()
        Returns true if and only if netty-tcnative and its OpenSSL support are available.

      • isOcspSupported

        public static boolean isOcspSupported()
        Returns true if the used version of OpenSSL supports OCSP stapling.

      • isRenegotiationSupported

        public static boolean isRenegotiationSupported()
        Returns true if the used version of OpenSSL supports renegotiation.

        Some implementations, such as BoringSSL and AWS-LC, intentionally do not support renegotiation.

        Returns:
        true if renegotiation is supported, otherwise false.

      • version

        public static int version()
        Returns the version of the used available OpenSSL library or -1 if isAvailable() returns false.

      • versionString

        public static java.lang.String versionString()
        Returns the version string of the used available OpenSSL library or null if isAvailable() returns false.

      • ensureAvailability

        public static void ensureAvailability()
        Ensure that netty-tcnative and its OpenSSL support are available.
        Throws:
        java.lang.UnsatisfiedLinkError - if unavailable

      • unavailabilityCause

        public static java.lang.Throwable unavailabilityCause()
        Returns the cause of unavailability of netty-tcnative and its OpenSSL support.
        Returns:
        the cause if unavailable. null if available.

      • availableCipherSuites

        @Deprecated
public static java.util.Set<java.lang.String> availableCipherSuites()
        Deprecated.
        use availableOpenSslCipherSuites()

      • availableOpenSslCipherSuites

        public static java.util.Set<java.lang.String> availableOpenSslCipherSuites()
        Returns all the available OpenSSL cipher suites. Please note that the returned array may include the cipher suites that are insecure or non-functional.

      • availableJavaCipherSuites

        public static java.util.Set<java.lang.String> availableJavaCipherSuites()
        Returns all the available cipher suites (Java-style). Please note that the returned array may include the cipher suites that are insecure or non-functional.

      • isCipherSuiteAvailable

        public static boolean isCipherSuiteAvailable​(java.lang.String cipherSuite)
        Returns true if and only if the specified cipher suite is available in OpenSSL. Both Java-style cipher suite and OpenSSL-style cipher suite are accepted.

      • supportsKeyManagerFactory

        public static boolean supportsKeyManagerFactory()
        Returns true if KeyManagerFactory is supported when using OpenSSL.

      • supportsHostnameValidation

        @Deprecated
public static boolean supportsHostnameValidation()
        Deprecated.
        Will be removed because hostname validation is always done by a TrustManager implementation.
        Always returns true if isAvailable() returns true.