SSL (Apache Tomcat 9.0.87.redhat-00013 API Documentation)

java.lang.Object
- org.apache.tomcat.jni.SSL

public final class SSL
extends java.lang.Object

Field Summary

Fields
Modifier and Type	Field and Description
`static int`	`SSL_AIDX_DSA`
`static int`	`SSL_AIDX_ECC`
`static int`	`SSL_AIDX_MAX`
`static int`	`SSL_AIDX_RSA`
`static int`	`SSL_ALGO_ALL`
`static int`	`SSL_ALGO_DSA`
`static int`	`SSL_ALGO_RSA`
`static int`	`SSL_ALGO_UNKNOWN`
`static int`	`SSL_CONF_FLAG_CERTIFICATE`
`static int`	`SSL_CONF_FLAG_CLIENT`
`static int`	`SSL_CONF_FLAG_CMDLINE`
`static int`	`SSL_CONF_FLAG_FILE`
`static int`	`SSL_CONF_FLAG_SERVER`
`static int`	`SSL_CONF_FLAG_SHOW_ERRORS`
`static int`	`SSL_CONF_TYPE_DIR`
`static int`	`SSL_CONF_TYPE_FILE`
`static int`	`SSL_CONF_TYPE_STRING`
`static int`	`SSL_CONF_TYPE_UNKNOWN`
`static int`	`SSL_CRT_FORMAT_ASN1`
`static int`	`SSL_CRT_FORMAT_ENGINE`
`static int`	`SSL_CRT_FORMAT_NETSCAPE`
`static int`	`SSL_CRT_FORMAT_PEM`
`static int`	`SSL_CRT_FORMAT_PKCS12`
`static int`	`SSL_CRT_FORMAT_SMIME`
`static int`	`SSL_CRT_FORMAT_TEXT`
`static int`	`SSL_CRT_FORMAT_UNDEF`
`static int`	`SSL_CVERIFY_NONE`
`static int`	`SSL_CVERIFY_OPTIONAL`
`static int`	`SSL_CVERIFY_OPTIONAL_NO_CA`
`static int`	`SSL_CVERIFY_REQUIRE`
`static int`	`SSL_CVERIFY_UNSET`
`static int`	`SSL_ERROR_NONE`
`static int`	`SSL_ERROR_SSL`
`static int`	`SSL_ERROR_SYSCALL`
`static int`	`SSL_ERROR_WANT_ACCEPT`
`static int`	`SSL_ERROR_WANT_CONNECT`
`static int`	`SSL_ERROR_WANT_READ`
`static int`	`SSL_ERROR_WANT_WRITE`
`static int`	`SSL_ERROR_WANT_X509_LOOKUP`
`static int`	`SSL_ERROR_ZERO_RETURN`
`static int`	`SSL_INFO_CIPHER`
`static int`	`SSL_INFO_CIPHER_ALGKEYSIZE`
`static int`	`SSL_INFO_CIPHER_DESCRIPTION`
`static int`	`SSL_INFO_CIPHER_USEKEYSIZE`
`static int`	`SSL_INFO_CIPHER_VERSION`
`static int`	`SSL_INFO_CLIENT_A_KEY`
`static int`	`SSL_INFO_CLIENT_A_SIG`
`static int`	`SSL_INFO_CLIENT_CERT`
`static int`	`SSL_INFO_CLIENT_CERT_CHAIN`
`static int`	`SSL_INFO_CLIENT_I_DN`
`static int`	`SSL_INFO_CLIENT_M_SERIAL`
`static int`	`SSL_INFO_CLIENT_M_VERSION`
`static int`	`SSL_INFO_CLIENT_S_DN`
`static int`	`SSL_INFO_CLIENT_V_END`
`static int`	`SSL_INFO_CLIENT_V_REMAIN`
`static int`	`SSL_INFO_CLIENT_V_START`
`static int`	`SSL_INFO_DN_COMMONNAME`
`static int`	`SSL_INFO_DN_COUNTRYNAME`
`static int`	`SSL_INFO_DN_DESCRIPTION`
`static int`	`SSL_INFO_DN_EMAILADDRESS`
`static int`	`SSL_INFO_DN_GIVENNAME`
`static int`	`SSL_INFO_DN_INITIALS`
`static int`	`SSL_INFO_DN_LOCALITYNAME`
`static int`	`SSL_INFO_DN_ORGANIZATIONALUNITNAME`
`static int`	`SSL_INFO_DN_ORGANIZATIONNAME`
`static int`	`SSL_INFO_DN_STATEORPROVINCENAME`
`static int`	`SSL_INFO_DN_SURNAME`
`static int`	`SSL_INFO_DN_TITLE`
`static int`	`SSL_INFO_DN_UNIQUEIDENTIFIER`
`static int`	`SSL_INFO_PROTOCOL`
`static int`	`SSL_INFO_SERVER_A_KEY`
`static int`	`SSL_INFO_SERVER_A_SIG`
`static int`	`SSL_INFO_SERVER_CERT`
`static int`	`SSL_INFO_SERVER_I_DN`
`static int`	`SSL_INFO_SERVER_M_SERIAL`
`static int`	`SSL_INFO_SERVER_M_VERSION`
`static int`	`SSL_INFO_SERVER_S_DN`
`static int`	`SSL_INFO_SERVER_V_END`
`static int`	`SSL_INFO_SERVER_V_START`
`static int`	`SSL_INFO_SESSION_ID`
`static int`	`SSL_MODE_CLIENT`
`static int`	`SSL_MODE_COMBINED`
`static int`	`SSL_MODE_SERVER`
`static int`	`SSL_OP_ALL`
`static int`	`SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION`
`static int`	`SSL_OP_CIPHER_SERVER_PREFERENCE`
`static int`	`SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS`
`static int`	`SSL_OP_EPHEMERAL_RSA`
`static int`	`SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER`
`static int`	`SSL_OP_MICROSOFT_SESS_ID_BUG`
`static int`	`SSL_OP_MSIE_SSLV2_RSA_PADDING`
`static int`	`SSL_OP_NETSCAPE_CA_DN_BUG`
`static int`	`SSL_OP_NETSCAPE_CHALLENGE_BUG`
`static int`	`SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG`
`static int`	`SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG`
`static int`	`SSL_OP_NO_COMPRESSION`
`static int`	`SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION`
`static int`	`SSL_OP_NO_SSLv2`
`static int`	`SSL_OP_NO_SSLv3`
`static int`	`SSL_OP_NO_TICKET`
`static int`	`SSL_OP_NO_TLSv1`
`static int`	`SSL_OP_NO_TLSv1_1`
`static int`	`SSL_OP_NO_TLSv1_2`
`static int`	`SSL_OP_PKCS1_CHECK_1` Deprecated. Unsupported in the current version of OpenSSL
`static int`	`SSL_OP_PKCS1_CHECK_2` Deprecated. Unsupported in the current version of OpenSSL
`static int`	`SSL_OP_SINGLE_DH_USE`
`static int`	`SSL_OP_SINGLE_ECDH_USE`
`static int`	`SSL_OP_SSLEAY_080_CLIENT_DH_BUG`
`static int`	`SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG`
`static int`	`SSL_OP_TLS_BLOCK_PADDING_BUG`
`static int`	`SSL_OP_TLS_D5_BUG`
`static int`	`SSL_OP_TLS_ROLLBACK_BUG`
`static int`	`SSL_OPT_ALL`
`static int`	`SSL_OPT_EXPORTCERTDATA`
`static int`	`SSL_OPT_FAKEBASICAUTH`
`static int`	`SSL_OPT_NONE`
`static int`	`SSL_OPT_OPTRENEGOTIATE`
`static int`	`SSL_OPT_RELSET`
`static int`	`SSL_OPT_STDENVVARS`
`static int`	`SSL_OPT_STRICTREQUIRE`
`static int`	`SSL_PROTOCOL_ALL`
`static int`	`SSL_PROTOCOL_NONE`
`static int`	`SSL_PROTOCOL_SSLV2`
`static int`	`SSL_PROTOCOL_SSLV3`
`static int`	`SSL_PROTOCOL_TLSV1`
`static int`	`SSL_PROTOCOL_TLSV1_1`
`static int`	`SSL_PROTOCOL_TLSV1_2`
`static int`	`SSL_PROTOCOL_TLSV1_3`
`static int`	`SSL_RECEIVED_SHUTDOWN`
`static int`	`SSL_SELECTOR_FAILURE_CHOOSE_MY_LAST_PROTOCOL`
`static int`	`SSL_SELECTOR_FAILURE_NO_ADVERTISE`
`static int`	`SSL_SENT_SHUTDOWN`
`static long`	`SSL_SESS_CACHE_OFF`
`static long`	`SSL_SESS_CACHE_SERVER`
`static int`	`SSL_SHUTDOWN_TYPE_ACCURATE`
`static int`	`SSL_SHUTDOWN_TYPE_STANDARD`
`static int`	`SSL_SHUTDOWN_TYPE_UNCLEAN`
`static int`	`SSL_SHUTDOWN_TYPE_UNSET`
`static int`	`SSL_TMP_KEY_DH_1024`
`static int`	`SSL_TMP_KEY_DH_2048`
`static int`	`SSL_TMP_KEY_DH_4096`
`static int`	`SSL_TMP_KEY_DH_512`
`static int`	`SSL_TMP_KEY_MAX`
`static int`	`SSL_TMP_KEY_RSA_1024`
`static int`	`SSL_TMP_KEY_RSA_2048`
`static int`	`SSL_TMP_KEY_RSA_4096`
`static int`	`SSL_TMP_KEY_RSA_512`
`static int`	`SSL_VERIFY_CLIENT_ONCE`
`static int`	`SSL_VERIFY_FAIL_IF_NO_PEER_CERT`
`static int`	`SSL_VERIFY_NONE`
`static int`	`SSL_VERIFY_PEER`
`static int`	`SSL_VERIFY_PEER_STRICT`
`static int`	`UNSET`

Constructor Summary

Constructors
Constructor and Description

SSL()

Constructors
Constructor and Description
`SSL()`

Method Summary

All Methods Static Methods Concrete Methods Deprecated Methods
Modifier and Type	Method and Description
`static int`	`closeBIO(long bio)` Deprecated. Unused. Will be removed in Tomcat 10.1
`static int`	`doHandshake(long ssl)` SSL_do_handshake
`static int`	`fipsModeGet()` Get the status of FIPS Mode.
`static int`	`fipsModeSet(int mode)` Enable/Disable FIPS Mode.
`static void`	`freeBIO(long bio)` BIO_free
`static void`	`freeSSL(long ssl)` SSL_free
`static java.lang.String`	`getAlpnSelected(long ssl)` SSL_get0_alpn_selected
`static java.lang.String`	`getCipherForSSL(long ssl)` SSL_get_cipher.
`static java.lang.String[]`	`getCiphers(long ssl)` Returns all cipher suites that are enabled for negotiation in an SSL handshake.
`static int`	`getError(long ssl, int ret)` Deprecated. Unused. Will be removed in Tomcat 10.1
`static java.lang.String`	`getErrorString(long errorNumber)` Get the error number representing for the given `errorNumber`.
`static int`	`getHandshakeCount(long ssl)` Return the handshake completed count.
`static java.lang.String`	`getLastError()` Deprecated. Unused. Will be removed in Tomcat 10.1
`static int`	`getLastErrorNumber()` Get the error number representing the last error OpenSSL encountered on this thread.
`static java.lang.String`	`getNextProtoNegotiated(long ssl)` Deprecated. Unused. Will be removed in Tomcat 10.1.x
`static int`	`getOptions(long ssl)` Get OpenSSL Option.
`static byte[][]`	`getPeerCertChain(long ssl)` Get the peer certificate chain or `null` if non was send.
`static byte[]`	`getPeerCertificate(long ssl)` Get the peer certificate or `null` if non was send.
`static int`	`getPostHandshakeAuthInProgress(long ssl)` Is post handshake authentication in progress on this connection?
`static byte[]`	`getSessionId(long ssl)` Returns the ID of the session as byte array representation.
`static int`	`getShutdown(long ssl)` SSL_get_shutdown
`static long`	`getTime(long ssl)` SSL_get_time
`static java.lang.String`	`getVersion(long ssl)` SSL_get_version
`static boolean`	`hasOp(int op)` Deprecated. Unused. Will be removed in Tomcat 10.1
`static int`	`initialize(java.lang.String engine)` Initialize OpenSSL support.
`static int`	`isInInit(long ssl)` SSL_in_init.
`static long`	`makeNetworkBIO(long ssl)` Wire up internal and network BIOs for the given SSL instance.
`static long`	`newBIO(long pool, BIOCallback callback)` Deprecated. Unused. Will be removed in Tomcat 10.1
`static long`	`newSSL(long ctx, boolean server)` SSL_new
`static int`	`pendingReadableBytesInSSL(long ssl)` SSL_pending.
`static int`	`pendingWrittenBytesInBIO(long bio)` BIO_ctrl_pending.
`static boolean`	`randLoad(java.lang.String filename)` Deprecated. Unused. Will be removed in Tomcat 10.1
`static boolean`	`randMake(java.lang.String filename, int len, boolean base64)` Deprecated. Unused. Will be removed in Tomcat 10.1
`static boolean`	`randSave(java.lang.String filename)` Deprecated. Unused. Will be removed in Tomcat 10.1
`static void`	`randSet(java.lang.String filename)` Sets global random filename.
`static int`	`readFromBIO(long bio, long rbuf, int rlen)` BIO_read.
`static int`	`readFromSSL(long ssl, long rbuf, int rlen)` SSL_read
`static int`	`renegotiate(long ssl)` SSL_renegotiate
`static int`	`renegotiatePending(long ssl)` SSL_renegotiate_pending
`static void`	`setBIO(long ssl, long rbio, long wbio)` Deprecated. Unused. Will be removed in Tomcat 10.1
`static boolean`	`setCipherSuites(long ssl, java.lang.String ciphers)` Returns the cipher suites available for negotiation in SSL handshake.
`static void`	`setOptions(long ssl, int options)` Set OpenSSL Option.
`static void`	`setPassword(java.lang.String password)` Deprecated. Unused. Will be removed in Tomcat 10.1
`static void`	`setPasswordCallback(PasswordCallback callback)` Deprecated. Unused. Will be removed in Tomcat 10.1
`static void`	`setShutdown(long ssl, int mode)` Deprecated. Unused. Will be removed in Tomcat 10.1
`static void`	`setVerify(long ssl, int level, int depth)` Set Type of Client Certificate verification and Maximum depth of CA Certificates in Client Certificate verification.
`static int`	`shutdownSSL(long ssl)` SSL_shutdown
`static int`	`verifyClientPostHandshake(long ssl)` SSL_verify_client_post_handshake
`static int`	`version()`
`static java.lang.String`	`versionString()`
`static int`	`writeToBIO(long bio, long wbuf, int wlen)` BIO_write.
`static int`	`writeToSSL(long ssl, long wbuf, int wlen)` SSL_write.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - UNSET
```
public static final int UNSET
```
    See Also:
    
    Constant Field Values
  - SSL_ALGO_UNKNOWN
```
public static final int SSL_ALGO_UNKNOWN
```
    See Also:
    
    Constant Field Values
  - SSL_ALGO_RSA
```
public static final int SSL_ALGO_RSA
```
    See Also:
    
    Constant Field Values
  - SSL_ALGO_DSA
```
public static final int SSL_ALGO_DSA
```
    See Also:
    
    Constant Field Values
  - SSL_ALGO_ALL
```
public static final int SSL_ALGO_ALL
```
    See Also:
    
    Constant Field Values
  - SSL_AIDX_RSA
```
public static final int SSL_AIDX_RSA
```
    See Also:
    
    Constant Field Values
  - SSL_AIDX_DSA
```
public static final int SSL_AIDX_DSA
```
    See Also:
    
    Constant Field Values
  - SSL_AIDX_ECC
```
public static final int SSL_AIDX_ECC
```
    See Also:
    
    Constant Field Values
  - SSL_AIDX_MAX
```
public static final int SSL_AIDX_MAX
```
    See Also:
    
    Constant Field Values
  - SSL_TMP_KEY_RSA_512
```
public static final int SSL_TMP_KEY_RSA_512
```
    See Also:
    
    Constant Field Values
  - SSL_TMP_KEY_RSA_1024
```
public static final int SSL_TMP_KEY_RSA_1024
```
    See Also:
    
    Constant Field Values
  - SSL_TMP_KEY_RSA_2048
```
public static final int SSL_TMP_KEY_RSA_2048
```
    See Also:
    
    Constant Field Values
  - SSL_TMP_KEY_RSA_4096
```
public static final int SSL_TMP_KEY_RSA_4096
```
    See Also:
    
    Constant Field Values
  - SSL_TMP_KEY_DH_512
```
public static final int SSL_TMP_KEY_DH_512
```
    See Also:
    
    Constant Field Values
  - SSL_TMP_KEY_DH_1024
```
public static final int SSL_TMP_KEY_DH_1024
```
    See Also:
    
    Constant Field Values
  - SSL_TMP_KEY_DH_2048
```
public static final int SSL_TMP_KEY_DH_2048
```
    See Also:
    
    Constant Field Values
  - SSL_TMP_KEY_DH_4096
```
public static final int SSL_TMP_KEY_DH_4096
```
    See Also:
    
    Constant Field Values
  - SSL_TMP_KEY_MAX
```
public static final int SSL_TMP_KEY_MAX
```
    See Also:
    
    Constant Field Values
  - SSL_OPT_NONE
```
public static final int SSL_OPT_NONE
```
    See Also:
    
    Constant Field Values
  - SSL_OPT_RELSET
```
public static final int SSL_OPT_RELSET
```
    See Also:
    
    Constant Field Values
  - SSL_OPT_STDENVVARS
```
public static final int SSL_OPT_STDENVVARS
```
    See Also:
    
    Constant Field Values
  - SSL_OPT_EXPORTCERTDATA
```
public static final int SSL_OPT_EXPORTCERTDATA
```
    See Also:
    
    Constant Field Values
  - SSL_OPT_FAKEBASICAUTH
```
public static final int SSL_OPT_FAKEBASICAUTH
```
    See Also:
    
    Constant Field Values
  - SSL_OPT_STRICTREQUIRE
```
public static final int SSL_OPT_STRICTREQUIRE
```
    See Also:
    
    Constant Field Values
  - SSL_OPT_OPTRENEGOTIATE
```
public static final int SSL_OPT_OPTRENEGOTIATE
```
    See Also:
    
    Constant Field Values
  - SSL_OPT_ALL
```
public static final int SSL_OPT_ALL
```
    See Also:
    
    Constant Field Values
  - SSL_PROTOCOL_NONE
```
public static final int SSL_PROTOCOL_NONE
```
    See Also:
    
    Constant Field Values
  - SSL_PROTOCOL_SSLV2
```
public static final int SSL_PROTOCOL_SSLV2
```
    See Also:
    
    Constant Field Values
  - SSL_PROTOCOL_SSLV3
```
public static final int SSL_PROTOCOL_SSLV3
```
    See Also:
    
    Constant Field Values
  - SSL_PROTOCOL_TLSV1
```
public static final int SSL_PROTOCOL_TLSV1
```
    See Also:
    
    Constant Field Values
  - SSL_PROTOCOL_TLSV1_1
```
public static final int SSL_PROTOCOL_TLSV1_1
```
    See Also:
    
    Constant Field Values
  - SSL_PROTOCOL_TLSV1_2
```
public static final int SSL_PROTOCOL_TLSV1_2
```
    See Also:
    
    Constant Field Values
  - SSL_PROTOCOL_TLSV1_3
```
public static final int SSL_PROTOCOL_TLSV1_3
```
    See Also:
    
    Constant Field Values
  - SSL_PROTOCOL_ALL
```
public static final int SSL_PROTOCOL_ALL
```
  - SSL_CVERIFY_UNSET
```
public static final int SSL_CVERIFY_UNSET
```
    See Also:
    
    Constant Field Values
  - SSL_CVERIFY_NONE
```
public static final int SSL_CVERIFY_NONE
```
    See Also:
    
    Constant Field Values
  - SSL_CVERIFY_OPTIONAL
```
public static final int SSL_CVERIFY_OPTIONAL
```
    See Also:
    
    Constant Field Values
  - SSL_CVERIFY_REQUIRE
```
public static final int SSL_CVERIFY_REQUIRE
```
    See Also:
    
    Constant Field Values
  - SSL_CVERIFY_OPTIONAL_NO_CA
```
public static final int SSL_CVERIFY_OPTIONAL_NO_CA
```
    See Also:
    
    Constant Field Values
  - SSL_VERIFY_NONE
```
public static final int SSL_VERIFY_NONE
```
    See Also:
    
    Constant Field Values
  - SSL_VERIFY_PEER
```
public static final int SSL_VERIFY_PEER
```
    See Also:
    
    Constant Field Values
  - SSL_VERIFY_FAIL_IF_NO_PEER_CERT
```
public static final int SSL_VERIFY_FAIL_IF_NO_PEER_CERT
```
    See Also:
    
    Constant Field Values
  - SSL_VERIFY_CLIENT_ONCE
```
public static final int SSL_VERIFY_CLIENT_ONCE
```
    See Also:
    
    Constant Field Values
  - SSL_VERIFY_PEER_STRICT
```
public static final int SSL_VERIFY_PEER_STRICT
```
    See Also:
    
    Constant Field Values
  - SSL_OP_MICROSOFT_SESS_ID_BUG
```
public static final int SSL_OP_MICROSOFT_SESS_ID_BUG
```
    See Also:
    
    Constant Field Values
  - SSL_OP_NETSCAPE_CHALLENGE_BUG
```
public static final int SSL_OP_NETSCAPE_CHALLENGE_BUG
```
    See Also:
    
    Constant Field Values
  - SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
```
public static final int SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
```
    See Also:
    
    Constant Field Values
  - SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG
```
public static final int SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG
```
    See Also:
    
    Constant Field Values
  - SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER
```
public static final int SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER
```
    See Also:
    
    Constant Field Values
  - SSL_OP_MSIE_SSLV2_RSA_PADDING
```
public static final int SSL_OP_MSIE_SSLV2_RSA_PADDING
```
    See Also:
    
    Constant Field Values
  - SSL_OP_SSLEAY_080_CLIENT_DH_BUG
```
public static final int SSL_OP_SSLEAY_080_CLIENT_DH_BUG
```
    See Also:
    
    Constant Field Values
  - SSL_OP_TLS_D5_BUG
```
public static final int SSL_OP_TLS_D5_BUG
```
    See Also:
    
    Constant Field Values
  - SSL_OP_TLS_BLOCK_PADDING_BUG
```
public static final int SSL_OP_TLS_BLOCK_PADDING_BUG
```
    See Also:
    
    Constant Field Values
  - SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
```
public static final int SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
```
    See Also:
    
    Constant Field Values
  - SSL_OP_ALL
```
public static final int SSL_OP_ALL
```
    See Also:
    
    Constant Field Values
  - SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION
```
public static final int SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION
```
    See Also:
    
    Constant Field Values
  - SSL_OP_NO_COMPRESSION
```
public static final int SSL_OP_NO_COMPRESSION
```
    See Also:
    
    Constant Field Values
  - SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION
```
public static final int SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION
```
    See Also:
    
    Constant Field Values
  - SSL_OP_SINGLE_ECDH_USE
```
public static final int SSL_OP_SINGLE_ECDH_USE
```
    See Also:
    
    Constant Field Values
  - SSL_OP_SINGLE_DH_USE
```
public static final int SSL_OP_SINGLE_DH_USE
```
    See Also:
    
    Constant Field Values
  - SSL_OP_EPHEMERAL_RSA
```
public static final int SSL_OP_EPHEMERAL_RSA
```
    See Also:
    
    Constant Field Values
  - SSL_OP_CIPHER_SERVER_PREFERENCE
```
public static final int SSL_OP_CIPHER_SERVER_PREFERENCE
```
    See Also:
    
    Constant Field Values
  - SSL_OP_TLS_ROLLBACK_BUG
```
public static final int SSL_OP_TLS_ROLLBACK_BUG
```
    See Also:
    
    Constant Field Values
  - SSL_OP_NO_SSLv2
```
public static final int SSL_OP_NO_SSLv2
```
    See Also:
    
    Constant Field Values
  - SSL_OP_NO_SSLv3
```
public static final int SSL_OP_NO_SSLv3
```
    See Also:
    
    Constant Field Values
  - SSL_OP_NO_TLSv1
```
public static final int SSL_OP_NO_TLSv1
```
    See Also:
    
    Constant Field Values
  - SSL_OP_NO_TLSv1_2
```
public static final int SSL_OP_NO_TLSv1_2
```
    See Also:
    
    Constant Field Values
  - SSL_OP_NO_TLSv1_1
```
public static final int SSL_OP_NO_TLSv1_1
```
    See Also:
    
    Constant Field Values
  - SSL_OP_NO_TICKET
```
public static final int SSL_OP_NO_TICKET
```
    See Also:
    
    Constant Field Values
  - SSL_OP_PKCS1_CHECK_1
```
@Deprecated
public static final int SSL_OP_PKCS1_CHECK_1
```
    Deprecated. Unsupported in the current version of OpenSSL
    
    See Also:
    
    Constant Field Values
  - SSL_OP_PKCS1_CHECK_2
```
@Deprecated
public static final int SSL_OP_PKCS1_CHECK_2
```
    Deprecated. Unsupported in the current version of OpenSSL
    
    See Also:
    
    Constant Field Values
  - SSL_OP_NETSCAPE_CA_DN_BUG
```
public static final int SSL_OP_NETSCAPE_CA_DN_BUG
```
    See Also:
    
    Constant Field Values
  - SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG
```
public static final int SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG
```
    See Also:
    
    Constant Field Values
  - SSL_CRT_FORMAT_UNDEF
```
public static final int SSL_CRT_FORMAT_UNDEF
```
    See Also:
    
    Constant Field Values
  - SSL_CRT_FORMAT_ASN1
```
public static final int SSL_CRT_FORMAT_ASN1
```
    See Also:
    
    Constant Field Values
  - SSL_CRT_FORMAT_TEXT
```
public static final int SSL_CRT_FORMAT_TEXT
```
    See Also:
    
    Constant Field Values
  - SSL_CRT_FORMAT_PEM
```
public static final int SSL_CRT_FORMAT_PEM
```
    See Also:
    
    Constant Field Values
  - SSL_CRT_FORMAT_NETSCAPE
```
public static final int SSL_CRT_FORMAT_NETSCAPE
```
    See Also:
    
    Constant Field Values
  - SSL_CRT_FORMAT_PKCS12
```
public static final int SSL_CRT_FORMAT_PKCS12
```
    See Also:
    
    Constant Field Values
  - SSL_CRT_FORMAT_SMIME
```
public static final int SSL_CRT_FORMAT_SMIME
```
    See Also:
    
    Constant Field Values
  - SSL_CRT_FORMAT_ENGINE
```
public static final int SSL_CRT_FORMAT_ENGINE
```
    See Also:
    
    Constant Field Values
  - SSL_MODE_CLIENT
```
public static final int SSL_MODE_CLIENT
```
    See Also:
    
    Constant Field Values
  - SSL_MODE_SERVER
```
public static final int SSL_MODE_SERVER
```
    See Also:
    
    Constant Field Values
  - SSL_MODE_COMBINED
```
public static final int SSL_MODE_COMBINED
```
    See Also:
    
    Constant Field Values
  - SSL_CONF_FLAG_CMDLINE
```
public static final int SSL_CONF_FLAG_CMDLINE
```
    See Also:
    
    Constant Field Values
  - SSL_CONF_FLAG_FILE
```
public static final int SSL_CONF_FLAG_FILE
```
    See Also:
    
    Constant Field Values
  - SSL_CONF_FLAG_CLIENT
```
public static final int SSL_CONF_FLAG_CLIENT
```
    See Also:
    
    Constant Field Values
  - SSL_CONF_FLAG_SERVER
```
public static final int SSL_CONF_FLAG_SERVER
```
    See Also:
    
    Constant Field Values
  - SSL_CONF_FLAG_SHOW_ERRORS
```
public static final int SSL_CONF_FLAG_SHOW_ERRORS
```
    See Also:
    
    Constant Field Values
  - SSL_CONF_FLAG_CERTIFICATE
```
public static final int SSL_CONF_FLAG_CERTIFICATE
```
    See Also:
    
    Constant Field Values
  - SSL_CONF_TYPE_UNKNOWN
```
public static final int SSL_CONF_TYPE_UNKNOWN
```
    See Also:
    
    Constant Field Values
  - SSL_CONF_TYPE_STRING
```
public static final int SSL_CONF_TYPE_STRING
```
    See Also:
    
    Constant Field Values
  - SSL_CONF_TYPE_FILE
```
public static final int SSL_CONF_TYPE_FILE
```
    See Also:
    
    Constant Field Values
  - SSL_CONF_TYPE_DIR
```
public static final int SSL_CONF_TYPE_DIR
```
    See Also:
    
    Constant Field Values
  - SSL_SHUTDOWN_TYPE_UNSET
```
public static final int SSL_SHUTDOWN_TYPE_UNSET
```
    See Also:
    
    Constant Field Values
  - SSL_SHUTDOWN_TYPE_STANDARD
```
public static final int SSL_SHUTDOWN_TYPE_STANDARD
```
    See Also:
    
    Constant Field Values
  - SSL_SHUTDOWN_TYPE_UNCLEAN
```
public static final int SSL_SHUTDOWN_TYPE_UNCLEAN
```
    See Also:
    
    Constant Field Values
  - SSL_SHUTDOWN_TYPE_ACCURATE
```
public static final int SSL_SHUTDOWN_TYPE_ACCURATE
```
    See Also:
    
    Constant Field Values
  - SSL_INFO_SESSION_ID
```
public static final int SSL_INFO_SESSION_ID
```
    See Also:
    
    Constant Field Values
  - SSL_INFO_CIPHER
```
public static final int SSL_INFO_CIPHER
```
    See Also:
    
    Constant Field Values
  - SSL_INFO_CIPHER_USEKEYSIZE
```
public static final int SSL_INFO_CIPHER_USEKEYSIZE
```
    See Also:
    
    Constant Field Values
  - SSL_INFO_CIPHER_ALGKEYSIZE
```
public static final int SSL_INFO_CIPHER_ALGKEYSIZE
```
    See Also:
    
    Constant Field Values
  - SSL_INFO_CIPHER_VERSION
```
public static final int SSL_INFO_CIPHER_VERSION
```
    See Also:
    
    Constant Field Values
  - SSL_INFO_CIPHER_DESCRIPTION
```
public static final int SSL_INFO_CIPHER_DESCRIPTION
```
    See Also:
    
    Constant Field Values
  - SSL_INFO_PROTOCOL
```
public static final int SSL_INFO_PROTOCOL
```
    See Also:
    
    Constant Field Values
  - SSL_INFO_CLIENT_S_DN
```
public static final int SSL_INFO_CLIENT_S_DN
```
    See Also:
    
    Constant Field Values
  - SSL_INFO_CLIENT_I_DN
```
public static final int SSL_INFO_CLIENT_I_DN
```
    See Also:
    
    Constant Field Values
  - SSL_INFO_SERVER_S_DN
```
public static final int SSL_INFO_SERVER_S_DN
```
    See Also:
    
    Constant Field Values
  - SSL_INFO_SERVER_I_DN
```
public static final int SSL_INFO_SERVER_I_DN
```
    See Also:
    
    Constant Field Values
  - SSL_INFO_DN_COUNTRYNAME
```
public static final int SSL_INFO_DN_COUNTRYNAME
```
    See Also:
    
    Constant Field Values
  - SSL_INFO_DN_STATEORPROVINCENAME
```
public static final int SSL_INFO_DN_STATEORPROVINCENAME
```
    See Also:
    
    Constant Field Values
  - SSL_INFO_DN_LOCALITYNAME
```
public static final int SSL_INFO_DN_LOCALITYNAME
```
    See Also:
    
    Constant Field Values
  - SSL_INFO_DN_ORGANIZATIONNAME
```
public static final int SSL_INFO_DN_ORGANIZATIONNAME
```
    See Also:
    
    Constant Field Values
  - SSL_INFO_DN_ORGANIZATIONALUNITNAME
```
public static final int SSL_INFO_DN_ORGANIZATIONALUNITNAME
```
    See Also:
    
    Constant Field Values
  - SSL_INFO_DN_COMMONNAME
```
public static final int SSL_INFO_DN_COMMONNAME
```
    See Also:
    
    Constant Field Values
  - SSL_INFO_DN_TITLE
```
public static final int SSL_INFO_DN_TITLE
```
    See Also:
    
    Constant Field Values
  - SSL_INFO_DN_INITIALS
```
public static final int SSL_INFO_DN_INITIALS
```
    See Also:
    
    Constant Field Values
  - SSL_INFO_DN_GIVENNAME
```
public static final int SSL_INFO_DN_GIVENNAME
```
    See Also:
    
    Constant Field Values
  - SSL_INFO_DN_SURNAME
```
public static final int SSL_INFO_DN_SURNAME
```
    See Also:
    
    Constant Field Values
  - SSL_INFO_DN_DESCRIPTION
```
public static final int SSL_INFO_DN_DESCRIPTION
```
    See Also:
    
    Constant Field Values
  - SSL_INFO_DN_UNIQUEIDENTIFIER
```
public static final int SSL_INFO_DN_UNIQUEIDENTIFIER
```
    See Also:
    
    Constant Field Values
  - SSL_INFO_DN_EMAILADDRESS
```
public static final int SSL_INFO_DN_EMAILADDRESS
```
    See Also:
    
    Constant Field Values
  - SSL_INFO_CLIENT_M_VERSION
```
public static final int SSL_INFO_CLIENT_M_VERSION
```
    See Also:
    
    Constant Field Values
  - SSL_INFO_CLIENT_M_SERIAL
```
public static final int SSL_INFO_CLIENT_M_SERIAL
```
    See Also:
    
    Constant Field Values
  - SSL_INFO_CLIENT_V_START
```
public static final int SSL_INFO_CLIENT_V_START
```
    See Also:
    
    Constant Field Values
  - SSL_INFO_CLIENT_V_END
```
public static final int SSL_INFO_CLIENT_V_END
```
    See Also:
    
    Constant Field Values
  - SSL_INFO_CLIENT_A_SIG
```
public static final int SSL_INFO_CLIENT_A_SIG
```
    See Also:
    
    Constant Field Values
  - SSL_INFO_CLIENT_A_KEY
```
public static final int SSL_INFO_CLIENT_A_KEY
```
    See Also:
    
    Constant Field Values
  - SSL_INFO_CLIENT_CERT
```
public static final int SSL_INFO_CLIENT_CERT
```
    See Also:
    
    Constant Field Values
  - SSL_INFO_CLIENT_V_REMAIN
```
public static final int SSL_INFO_CLIENT_V_REMAIN
```
    See Also:
    
    Constant Field Values
  - SSL_INFO_SERVER_M_VERSION
```
public static final int SSL_INFO_SERVER_M_VERSION
```
    See Also:
    
    Constant Field Values
  - SSL_INFO_SERVER_M_SERIAL
```
public static final int SSL_INFO_SERVER_M_SERIAL
```
    See Also:
    
    Constant Field Values
  - SSL_INFO_SERVER_V_START
```
public static final int SSL_INFO_SERVER_V_START
```
    See Also:
    
    Constant Field Values
  - SSL_INFO_SERVER_V_END
```
public static final int SSL_INFO_SERVER_V_END
```
    See Also:
    
    Constant Field Values
  - SSL_INFO_SERVER_A_SIG
```
public static final int SSL_INFO_SERVER_A_SIG
```
    See Also:
    
    Constant Field Values
  - SSL_INFO_SERVER_A_KEY
```
public static final int SSL_INFO_SERVER_A_KEY
```
    See Also:
    
    Constant Field Values
  - SSL_INFO_SERVER_CERT
```
public static final int SSL_INFO_SERVER_CERT
```
    See Also:
    
    Constant Field Values
  - SSL_INFO_CLIENT_CERT_CHAIN
```
public static final int SSL_INFO_CLIENT_CERT_CHAIN
```
    See Also:
    
    Constant Field Values
  - SSL_SESS_CACHE_OFF
```
public static final long SSL_SESS_CACHE_OFF
```
    See Also:
    
    Constant Field Values
  - SSL_SESS_CACHE_SERVER
```
public static final long SSL_SESS_CACHE_SERVER
```
    See Also:
    
    Constant Field Values
  - SSL_SELECTOR_FAILURE_NO_ADVERTISE
```
public static final int SSL_SELECTOR_FAILURE_NO_ADVERTISE
```
    See Also:
    
    Constant Field Values
  - SSL_SELECTOR_FAILURE_CHOOSE_MY_LAST_PROTOCOL
```
public static final int SSL_SELECTOR_FAILURE_CHOOSE_MY_LAST_PROTOCOL
```
    See Also:
    
    Constant Field Values
  - SSL_SENT_SHUTDOWN
```
public static final int SSL_SENT_SHUTDOWN
```
    See Also:
    
    Constant Field Values
  - SSL_RECEIVED_SHUTDOWN
```
public static final int SSL_RECEIVED_SHUTDOWN
```
    See Also:
    
    Constant Field Values
  - SSL_ERROR_NONE
```
public static final int SSL_ERROR_NONE
```
    See Also:
    
    Constant Field Values
  - SSL_ERROR_SSL
```
public static final int SSL_ERROR_SSL
```
    See Also:
    
    Constant Field Values
  - SSL_ERROR_WANT_READ
```
public static final int SSL_ERROR_WANT_READ
```
    See Also:
    
    Constant Field Values
  - SSL_ERROR_WANT_WRITE
```
public static final int SSL_ERROR_WANT_WRITE
```
    See Also:
    
    Constant Field Values
  - SSL_ERROR_WANT_X509_LOOKUP
```
public static final int SSL_ERROR_WANT_X509_LOOKUP
```
    See Also:
    
    Constant Field Values
  - SSL_ERROR_SYSCALL
```
public static final int SSL_ERROR_SYSCALL
```
    See Also:
    
    Constant Field Values
  - SSL_ERROR_ZERO_RETURN
```
public static final int SSL_ERROR_ZERO_RETURN
```
    See Also:
    
    Constant Field Values
  - SSL_ERROR_WANT_CONNECT
```
public static final int SSL_ERROR_WANT_CONNECT
```
    See Also:
    
    Constant Field Values
  - SSL_ERROR_WANT_ACCEPT
```
public static final int SSL_ERROR_WANT_ACCEPT
```
    See Also:
    
    Constant Field Values
- Constructor Detail
  - SSL
```
public SSL()
```
- Method Detail
  - version
```
public static int version()
```
  - versionString
```
public static java.lang.String versionString()
```
  - initialize
```
public static int initialize(java.lang.String engine)
```
    Initialize OpenSSL support. This function needs to be called once for the lifetime of JVM. Library.init() has to be called before.
    
    Parameters:
    
    engine - Support for external a Crypto Device ("engine"), usually a hardware accelerator card for crypto operations.
    
    Returns:
    
    APR status code
  - fipsModeGet
```
public static int fipsModeGet()
                       throws java.lang.Exception
```
    Get the status of FIPS Mode.
    
    Returns:
    
    FIPS_mode return code. It is 0 if OpenSSL is not in FIPS mode, 1 if OpenSSL is in FIPS Mode.
    
    Throws:
    
    java.lang.Exception - If tcnative was not compiled with FIPS Mode available.
    
    See Also:
    
    OpenSSL method FIPS_mode()
  - fipsModeSet
```
public static int fipsModeSet(int mode)
                       throws java.lang.Exception
```
    Enable/Disable FIPS Mode.
    
    Parameters:
    
    mode - 1 - enable, 0 - disable
    
    Returns:
    
    FIPS_mode_set return code
    
    Throws:
    
    java.lang.Exception - If tcnative was not compiled with FIPS Mode available, or if FIPS_mode_set() call returned an error value.
    
    See Also:
    
    OpenSSL method FIPS_mode_set()
  - randLoad
```
@Deprecated
public static boolean randLoad(java.lang.String filename)
```
    Deprecated. Unused. Will be removed in Tomcat 10.1
    
    Add content of the file to the PRNG
    
    Parameters:
    
    filename - Filename containing random data. If null the default file will be tested. The seed file is $RANDFILE if that environment variable is set, $HOME/.rnd otherwise. In case both files are unavailable builtin random seed generator is used.
    
    Returns:
    
    true if the operation was successful
  - randSave
```
@Deprecated
public static boolean randSave(java.lang.String filename)
```
    Deprecated. Unused. Will be removed in Tomcat 10.1
    
    Writes a number of random bytes (currently 1024) to file filename which can be used to initialize the PRNG by calling randLoad in a later session.
    
    Parameters:
    
    filename - Filename to save the data
    
    Returns:
    
    true if the operation was successful
  - randMake
```
@Deprecated
public static boolean randMake(java.lang.String filename,
                                           int len,
                                           boolean base64)
```
    Deprecated. Unused. Will be removed in Tomcat 10.1
    
    Creates random data to filename
    
    Parameters:
    
    filename - Filename to save the data
    
    len - The length of random sequence in bytes
    
    base64 - Output the data in Base64 encoded format
    
    Returns:
    
    true if the operation was successful
  - randSet
```
public static void randSet(java.lang.String filename)
```
    Sets global random filename.
    
    Parameters:
    
    filename - Filename to use. If set it will be used for SSL initialization and all contexts where explicitly not set.
  - newBIO
```
@Deprecated
public static long newBIO(long pool,
                                      BIOCallback callback)
                               throws java.lang.Exception
```
    Deprecated. Unused. Will be removed in Tomcat 10.1
    
    Initialize new BIO
    
    Parameters:
    
    pool - The pool to use.
    
    callback - BIOCallback to use
    
    Returns:
    
    New BIO handle
    
    Throws:
    
    java.lang.Exception - An error occurred
  - closeBIO
```
@Deprecated
public static int closeBIO(long bio)
```
    Deprecated. Unused. Will be removed in Tomcat 10.1
    
    Close BIO and dereference callback object
    
    Parameters:
    
    bio - BIO to close and destroy.
    
    Returns:
    
    APR Status code
  - setPasswordCallback
```
@Deprecated
public static void setPasswordCallback(PasswordCallback callback)
```
    Deprecated. Unused. Will be removed in Tomcat 10.1
    
    Set global Password callback for obtaining passwords.
    
    Parameters:
    
    callback - PasswordCallback implementation to use.
  - setPassword
```
@Deprecated
public static void setPassword(java.lang.String password)
```
    Deprecated. Unused. Will be removed in Tomcat 10.1
    
    Set global Password for decrypting certificates and keys.
    
    Parameters:
    
    password - Password to use.
  - getLastError
```
@Deprecated
public static java.lang.String getLastError()
```
    Deprecated. Unused. Will be removed in Tomcat 10.1
    
    Return last SSL error string
    
    Returns:
    
    the error string
  - hasOp
```
@Deprecated
public static boolean hasOp(int op)
```
    Deprecated. Unused. Will be removed in Tomcat 10.1
    
    Return true if all the requested SSL_OP_* are supported by OpenSSL. Note that for versions of tcnative < 1.1.25, this method will return true if and only if op= SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION and tcnative supports that flag.
    
    Parameters:
    
    op - Bitwise-OR of all SSL_OP_* to test.
    
    Returns:
    
    true if all SSL_OP_* are supported by OpenSSL library.
  - getHandshakeCount
```
public static int getHandshakeCount(long ssl)
```
    Return the handshake completed count.
    
    Parameters:
    
    ssl - SSL pointer
    
    Returns:
    
    the count
  - newSSL
```
public static long newSSL(long ctx,
                          boolean server)
```
    SSL_new
    
    Parameters:
    
    ctx - Server or Client context to use.
    
    server - if true configure SSL instance to use accept handshake routines if false configure SSL instance to use connect handshake routines
    
    Returns:
    
    pointer to SSL instance (SSL *)
  - setBIO
```
@Deprecated
public static void setBIO(long ssl,
                                      long rbio,
                                      long wbio)
```
    Deprecated. Unused. Will be removed in Tomcat 10.1
    
    SSL_set_bio
    
    Parameters:
    
    ssl - SSL pointer (SSL *)
    
    rbio - read BIO pointer (BIO *)
    
    wbio - write BIO pointer (BIO *)
  - getError
```
@Deprecated
public static int getError(long ssl,
                                       int ret)
```
    Deprecated. Unused. Will be removed in Tomcat 10.1
    
    SSL_get_error
    
    Parameters:
    
    ssl - SSL pointer (SSL *)
    
    ret - TLS/SSL I/O return value
    
    Returns:
    
    the error status
  - pendingWrittenBytesInBIO
```
public static int pendingWrittenBytesInBIO(long bio)
```
    BIO_ctrl_pending.
    
    Parameters:
    
    bio - BIO pointer (BIO *)
    
    Returns:
    
    the pending bytes count
  - pendingReadableBytesInSSL
```
public static int pendingReadableBytesInSSL(long ssl)
```
    SSL_pending.
    
    Parameters:
    
    ssl - SSL pointer (SSL *)
    
    Returns:
    
    the pending bytes count
  - writeToBIO
```
public static int writeToBIO(long bio,
                             long wbuf,
                             int wlen)
```
    BIO_write.
    
    Parameters:
    
    bio - BIO pointer
    
    wbuf - Buffer pointer
    
    wlen - Write length
    
    Returns:
    
    the bytes count written
  - readFromBIO
```
public static int readFromBIO(long bio,
                              long rbuf,
                              int rlen)
```
    BIO_read.
    
    Parameters:
    
    bio - BIO pointer
    
    rbuf - Buffer pointer
    
    rlen - Read length
    
    Returns:
    
    the bytes count read
  - writeToSSL
```
public static int writeToSSL(long ssl,
                             long wbuf,
                             int wlen)
```
    SSL_write.
    
    Parameters:
    
    ssl - the SSL instance (SSL *)
    
    wbuf - Buffer pointer
    
    wlen - Write length
    
    Returns:
    
    the bytes count written
  - readFromSSL
```
public static int readFromSSL(long ssl,
                              long rbuf,
                              int rlen)
```
    SSL_read
    
    Parameters:
    
    ssl - the SSL instance (SSL *)
    
    rbuf - Buffer pointer
    
    rlen - Read length
    
    Returns:
    
    the bytes count read
  - getShutdown
```
public static int getShutdown(long ssl)
```
    SSL_get_shutdown
    
    Parameters:
    
    ssl - the SSL instance (SSL *)
    
    Returns:
    
    the operation status
  - setShutdown
```
@Deprecated
public static void setShutdown(long ssl,
                                           int mode)
```
    Deprecated. Unused. Will be removed in Tomcat 10.1
    
    SSL_set_shutdown
    
    Parameters:
    
    ssl - the SSL instance (SSL *)
    
    mode - Shutdown mode
  - freeSSL
```
public static void freeSSL(long ssl)
```
    SSL_free
    
    Parameters:
    
    ssl - the SSL instance (SSL *)
  - makeNetworkBIO
```
public static long makeNetworkBIO(long ssl)
```
    Wire up internal and network BIOs for the given SSL instance. Warning: you must explicitly free this resource by calling freeBIO While the SSL's internal/application data BIO will be freed when freeSSL is called on the provided SSL instance, you must call freeBIO on the returned network BIO.
    
    Parameters:
    
    ssl - the SSL instance (SSL *)
    
    Returns:
    
    pointer to the Network BIO (BIO *)
  - freeBIO
```
public static void freeBIO(long bio)
```
    BIO_free
    
    Parameters:
    
    bio - BIO pointer
  - shutdownSSL
```
public static int shutdownSSL(long ssl)
```
    SSL_shutdown
    
    Parameters:
    
    ssl - the SSL instance (SSL *)
    
    Returns:
    
    the operation status
  - getLastErrorNumber
```
public static int getLastErrorNumber()
```
    Get the error number representing the last error OpenSSL encountered on this thread.
    
    Returns:
    
    the last error number
  - getCipherForSSL
```
public static java.lang.String getCipherForSSL(long ssl)
```
    SSL_get_cipher.
    
    Parameters:
    
    ssl - the SSL instance (SSL *)
    
    Returns:
    
    the cipher name
  - getVersion
```
public static java.lang.String getVersion(long ssl)
```
    SSL_get_version
    
    Parameters:
    
    ssl - the SSL instance (SSL *)
    
    Returns:
    
    the SSL version in use
  - doHandshake
```
public static int doHandshake(long ssl)
```
    SSL_do_handshake
    
    Parameters:
    
    ssl - the SSL instance (SSL *)
    
    Returns:
    
    the handshake status
  - renegotiate
```
public static int renegotiate(long ssl)
```
    SSL_renegotiate
    
    Parameters:
    
    ssl - the SSL instance (SSL *)
    
    Returns:
    
    the operation status
  - renegotiatePending
```
public static int renegotiatePending(long ssl)
```
    SSL_renegotiate_pending
    
    Parameters:
    
    ssl - the SSL instance (SSL *)
    
    Returns:
    
    the operation status
  - verifyClientPostHandshake
```
public static int verifyClientPostHandshake(long ssl)
```
    SSL_verify_client_post_handshake
    
    Parameters:
    
    ssl - the SSL instance (SSL *)
    
    Returns:
    
    the operation status
  - getPostHandshakeAuthInProgress
```
public static int getPostHandshakeAuthInProgress(long ssl)
```
    Is post handshake authentication in progress on this connection?
    
    Parameters:
    
    ssl - the SSL instance (SSL *)
    
    Returns:
    
    the operation status
  - isInInit
```
public static int isInInit(long ssl)
```
    SSL_in_init.
    
    Parameters:
    
    ssl - the SSL instance (SSL *)
    
    Returns:
    
    the status
  - getNextProtoNegotiated
```
@Deprecated
public static java.lang.String getNextProtoNegotiated(long ssl)
```
    Deprecated. Unused. Will be removed in Tomcat 10.1.x
    
    SSL_get0_next_proto_negotiated
    
    Parameters:
    
    ssl - the SSL instance (SSL *)
    
    Returns:
    
    the NPN protocol negotiated
  - getAlpnSelected
```
public static java.lang.String getAlpnSelected(long ssl)
```
    SSL_get0_alpn_selected
    
    Parameters:
    
    ssl - the SSL instance (SSL *)
    
    Returns:
    
    the ALPN protocol negotiated
  - getPeerCertChain
```
public static byte[][] getPeerCertChain(long ssl)
```
    Get the peer certificate chain or null if non was send.
    
    Parameters:
    
    ssl - the SSL instance (SSL *)
    
    Returns:
    
    the certificate chain bytes
  - getPeerCertificate
```
public static byte[] getPeerCertificate(long ssl)
```
    Get the peer certificate or null if non was send.
    
    Parameters:
    
    ssl - the SSL instance (SSL *)
    
    Returns:
    
    the certificate bytes
  - getErrorString
```
public static java.lang.String getErrorString(long errorNumber)
```
    Get the error number representing for the given errorNumber.
    
    Parameters:
    
    errorNumber - The error code
    
    Returns:
    
    an error message
  - getTime
```
public static long getTime(long ssl)
```
    SSL_get_time
    
    Parameters:
    
    ssl - the SSL instance (SSL *)
    
    Returns:
    
    returns the time at which the session ssl was established. The time is given in seconds since the Epoch
  - setVerify
```
public static void setVerify(long ssl,
                             int level,
                             int depth)
```
    Set Type of Client Certificate verification and Maximum depth of CA Certificates in Client Certificate verification.
    This directive sets the Certificate verification level for the Client Authentication. Notice that this directive can be used both in per-server and per-directory context. In per-server context it applies to the client authentication process used in the standard SSL handshake when a connection is established. In per-directory context it forces an SSL renegotiation with the reconfigured client verification level after the HTTP request was read but before the HTTP response is sent.
    The following levels are available for level:
```
 SSL_CVERIFY_NONE           - No client Certificate is required at all
 SSL_CVERIFY_OPTIONAL       - The client may present a valid Certificate
 SSL_CVERIFY_REQUIRE        - The client has to present a valid Certificate
 SSL_CVERIFY_OPTIONAL_NO_CA - The client may present a valid Certificate
                              but it need not to be (successfully) verifiable
 
```
    The depth actually is the maximum number of intermediate certificate issuers, i.e. the number of CA certificates which are max allowed to be followed while verifying the client certificate. A depth of 0 means that self-signed client certificates are accepted only, the default depth of 1 means the client certificate can be self-signed or has to be signed by a CA which is directly known to the server (i.e. the CA's certificate is under setCACertificatePath, etc.
    Parameters:
    
    ssl - the SSL instance (SSL *)
    
    level - Type of Client Certificate verification.
    
    depth - Maximum depth of CA Certificates in Client Certificate verification.
  - setOptions
```
public static void setOptions(long ssl,
                              int options)
```
    Set OpenSSL Option.
    
    Parameters:
    
    ssl - the SSL instance (SSL *)
    
    options - See SSL.SSL_OP_* for option flags.
  - getOptions
```
public static int getOptions(long ssl)
```
    Get OpenSSL Option.
    
    Parameters:
    
    ssl - the SSL instance (SSL *)
    
    Returns:
    
    options See SSL.SSL_OP_* for option flags.
  - getCiphers
```
public static java.lang.String[] getCiphers(long ssl)
```
    Returns all cipher suites that are enabled for negotiation in an SSL handshake.
    
    Parameters:
    
    ssl - the SSL instance (SSL *)
    
    Returns:
    
    ciphers
  - setCipherSuites
```
public static boolean setCipherSuites(long ssl,
                                      java.lang.String ciphers)
                               throws java.lang.Exception
```
    Returns the cipher suites available for negotiation in SSL handshake.
    This complex directive uses a colon-separated cipher-spec string consisting of OpenSSL cipher specifications to configure the Cipher Suite the client is permitted to negotiate in the SSL handshake phase. Notice that this directive can be used both in per-server and per-directory context. In per-server context it applies to the standard SSL handshake when a connection is established. In per-directory context it forces an SSL renegotiation with the reconfigured Cipher Suite after the HTTP request was read but before the HTTP response is sent.
    
    Parameters:
    
    ssl - the SSL instance (SSL *)
    
    ciphers - an SSL cipher specification
    
    Returns:
    
    true if the operation was successful
    
    Throws:
    
    java.lang.Exception - An error occurred
  - getSessionId
```
public static byte[] getSessionId(long ssl)
```
    Returns the ID of the session as byte array representation.
    
    Parameters:
    
    ssl - the SSL instance (SSL *)
    
    Returns:
    
    the session as byte array representation obtained via SSL_SESSION_get_id.

Copyright © 2000-2024 Apache Software Foundation.
Apache Tomcat, Tomcat, Apache, the Apache Tomcat logo and the Apache logo are either registered trademarks or trademarks of the Apache Software Foundation.

Class SSL

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

UNSET

SSL_ALGO_UNKNOWN

SSL_ALGO_RSA

SSL_ALGO_DSA

SSL_ALGO_ALL

SSL_AIDX_RSA

SSL_AIDX_DSA

SSL_AIDX_ECC

SSL_AIDX_MAX

SSL_TMP_KEY_RSA_512

SSL_TMP_KEY_RSA_1024

SSL_TMP_KEY_RSA_2048

SSL_TMP_KEY_RSA_4096

SSL_TMP_KEY_DH_512

SSL_TMP_KEY_DH_1024

SSL_TMP_KEY_DH_2048

SSL_TMP_KEY_DH_4096

SSL_TMP_KEY_MAX

SSL_OPT_NONE

SSL_OPT_RELSET

SSL_OPT_STDENVVARS

SSL_OPT_EXPORTCERTDATA

SSL_OPT_FAKEBASICAUTH

SSL_OPT_STRICTREQUIRE

SSL_OPT_OPTRENEGOTIATE

SSL_OPT_ALL

SSL_PROTOCOL_NONE

SSL_PROTOCOL_SSLV2

SSL_PROTOCOL_SSLV3

SSL_PROTOCOL_TLSV1

SSL_PROTOCOL_TLSV1_1

SSL_PROTOCOL_TLSV1_2

SSL_PROTOCOL_TLSV1_3

SSL_PROTOCOL_ALL

SSL_CVERIFY_UNSET

SSL_CVERIFY_NONE

SSL_CVERIFY_OPTIONAL

SSL_CVERIFY_REQUIRE

SSL_CVERIFY_OPTIONAL_NO_CA

SSL_VERIFY_NONE

SSL_VERIFY_PEER

SSL_VERIFY_FAIL_IF_NO_PEER_CERT

SSL_VERIFY_CLIENT_ONCE

SSL_VERIFY_PEER_STRICT

SSL_OP_MICROSOFT_SESS_ID_BUG

SSL_OP_NETSCAPE_CHALLENGE_BUG

SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG

SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG

SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER

SSL_OP_MSIE_SSLV2_RSA_PADDING

SSL_OP_SSLEAY_080_CLIENT_DH_BUG

SSL_OP_TLS_D5_BUG

SSL_OP_TLS_BLOCK_PADDING_BUG

SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS

SSL_OP_ALL

SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION

SSL_OP_NO_COMPRESSION

SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION

SSL_OP_SINGLE_ECDH_USE

SSL_OP_SINGLE_DH_USE

SSL_OP_EPHEMERAL_RSA

SSL_OP_CIPHER_SERVER_PREFERENCE

SSL_OP_TLS_ROLLBACK_BUG

SSL_OP_NO_SSLv2

SSL_OP_NO_SSLv3

SSL_OP_NO_TLSv1

SSL_OP_NO_TLSv1_2

SSL_OP_NO_TLSv1_1

SSL_OP_NO_TICKET

SSL_OP_PKCS1_CHECK_1

SSL_OP_PKCS1_CHECK_2

SSL_OP_NETSCAPE_CA_DN_BUG

SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG

SSL_CRT_FORMAT_UNDEF