SSL configuration can range from relatively straightforward to relatively complex. In an effort to provide a common configuration layer among multiple server and client implementations,
(hopefully) easier to use than the Java native SSL configuration layers, while also providing deserialization from
JSON. It is meant to service the majority of server and client SSL configuration use-cases.
While not exposed to the end-user, the overall configuration structure is guided by sslcontext-kickstart.
ClassDescriptionThe TLS ciphers.Include the ciphers explicitly defined.Includes intermediate ciphers for TLSv1.3 and TLSv1.2.Include the ciphers defined by the JDK.Includes modern ciphers for TLSv1.3 and TLSv1.2.Include the ciphers defined by the system properties "https.cipherSuites".The identity material configuration.The identity material configuration from a key store.An identity materials list.The identity material configuration from a certificate and private key.Include the identity material defined by the system properties "javax.net.ssl.keyStore", "javax.net.ssl.keyStorePassword", "javax.net.ssl.keyStoreType", and "javax.net.ssl.keyStoreProvider".The TLS protocols.Include the protocols explicitly defined.Include the protocols defined by the JDK.Includes the protocol "TLSv1.3".Include the protocols defined by the system properties "https.protocols".The SSL configuration object.The trust material configuration.The unsafe trust that will trust all certificates without validation.The trust material from a certificate(s).A custom trust configuration provided via
Certificate.The trust material from the JDK.A trust materials list.The trust material from the system properties "javax.net.ssl.trustStore", "javax.net.ssl.trustStorePassword", "javax.net.ssl.trustStoreType", and "javax.net.ssl.trustStoreProvider".The trust material from a trust store.The trust material from the system.