Class OpenSsl

java.lang.Object
io.netty.handler.ssl.OpenSsl
public final class OpenSsl extends Object
Tells if netty-tcnative and its OpenSSL support are available.

  • Method Details

    • isAvailable

      public static boolean isAvailable()
      Returns true if and only if netty-tcnative and its OpenSSL support are available.

    • isAlpnSupported

      @Deprecated public static boolean isAlpnSupported()
      Deprecated.
      use SslProvider.isAlpnSupported(SslProvider) with SslProvider.OPENSSL.
      Returns true if the used version of openssl supports ALPN.

    • isOcspSupported

      public static boolean isOcspSupported()
      Returns true if the used version of OpenSSL supports OCSP stapling.

    • isRenegotiationSupported

      public static boolean isRenegotiationSupported()
      Returns true if the used version of OpenSSL supports renegotiation.

      Some implementations, such as BoringSSL and AWS-LC, intentionally do not support renegotiation.

      Returns:
      true if renegotiation is supported, otherwise false.

    • version

      public static int version()
      Returns the version of the used available OpenSSL library or -1 if isAvailable() returns false.

    • versionString

      public static String versionString()
      Returns the version string of the used available OpenSSL library or null if isAvailable() returns false.

    • ensureAvailability

      public static void ensureAvailability()
      Ensure that netty-tcnative and its OpenSSL support are available.
      Throws:
      UnsatisfiedLinkError - if unavailable

    • unavailabilityCause

      public static Throwable unavailabilityCause()
      Returns the cause of unavailability of netty-tcnative and its OpenSSL support.
      Returns:
      the cause if unavailable. null if available.

    • availableCipherSuites

      @Deprecated public static Set<String> availableCipherSuites()
      Deprecated.
      use availableOpenSslCipherSuites()

    • availableOpenSslCipherSuites

      public static Set<String> availableOpenSslCipherSuites()
      Returns all the available OpenSSL cipher suites. Please note that the returned array may include the cipher suites that are insecure or non-functional.

    • availableJavaCipherSuites

      public static Set<String> availableJavaCipherSuites()
      Returns all the available cipher suites (Java-style). Please note that the returned array may include the cipher suites that are insecure or non-functional.

    • isCipherSuiteAvailable

      public static boolean isCipherSuiteAvailable(String cipherSuite)
      Returns true if and only if the specified cipher suite is available in OpenSSL. Both Java-style cipher suite and OpenSSL-style cipher suite are accepted.

    • supportsKeyManagerFactory

      public static boolean supportsKeyManagerFactory()
      Returns true if KeyManagerFactory is supported when using OpenSSL.

    • supportsHostnameValidation

      @Deprecated public static boolean supportsHostnameValidation()
      Deprecated.
      Will be removed because hostname validation is always done by a TrustManager implementation.
      Always returns true if isAvailable() returns true.