org.apache.commons.net.ftp

Class FTPSClient

java.lang.Object

org.apache.commons.net.SocketClient

org.apache.commons.net.ftp.FTP

org.apache.commons.net.ftp.FTPClient

org.apache.commons.net.ftp.FTPSClient

All Implemented Interfaces:

Configurable

public class FTPSClient
extends FTPClient

FTP over SSL processing. If desired, the JVM property -Djavax.net.debug=all can be used to see wire-level SSL details. Warning: the hostname is not verified against the certificate by default, use setHostnameVerifier(HostnameVerifier) or setEndpointCheckingEnabled(boolean) (on Java 1.7+) to enable verification. Verification is only performed on client mode connections.

Since:

2.0

Nested Class Summary

Nested classes/interfaces inherited from class org.apache.commons.net.ftp.FTPClient

FTPClient.HostnameResolver, FTPClient.NatServerResolverImpl

Field Summary

Fields

Modifier and Type	Field and Description
static int	DEFAULT_FTPS_DATA_PORT
static int	DEFAULT_FTPS_PORT
static String	KEYSTORE_ALGORITHM Deprecated. - not used - may be removed in a future release
static String	PROVIDER Deprecated. - not used - may be removed in a future release
static String	STORE_TYPE Deprecated. - not used - may be removed in a future release
static String	TRUSTSTORE_ALGORITHM Deprecated. - not used - may be removed in a future release

Fields inherited from class org.apache.commons.net.ftp.FTPClient

ACTIVE_LOCAL_DATA_CONNECTION_MODE, ACTIVE_REMOTE_DATA_CONNECTION_MODE, FTP_IP_ADDRESS_FROM_PASV_RESPONSE, FTP_SYSTEM_TYPE, FTP_SYSTEM_TYPE_DEFAULT, PASSIVE_LOCAL_DATA_CONNECTION_MODE, PASSIVE_REMOTE_DATA_CONNECTION_MODE, SYSTEM_TYPE_PROPERTIES

Fields inherited from class org.apache.commons.net.ftp.FTP

_commandSupport_, _controlEncoding, _controlInput_, _controlOutput_, _newReplyString, _replyCode, _replyLines, _replyString, ASCII_FILE_TYPE, BINARY_FILE_TYPE, BLOCK_TRANSFER_MODE, CARRIAGE_CONTROL_TEXT_FORMAT, COMPRESSED_TRANSFER_MODE, DEFAULT_CONTROL_ENCODING, DEFAULT_DATA_PORT, DEFAULT_PORT, EBCDIC_FILE_TYPE, FILE_STRUCTURE, LOCAL_FILE_TYPE, NON_PRINT_TEXT_FORMAT, PAGE_STRUCTURE, RECORD_STRUCTURE, REPLY_CODE_LEN, STREAM_TRANSFER_MODE, strictMultilineParsing, TELNET_TEXT_FORMAT

Fields inherited from class org.apache.commons.net.SocketClient

_defaultPort_, _hostname_, _input_, _output_, _serverSocketFactory_, _socket_, _socketFactory_, _timeout_, connectTimeout, NETASCII_EOL

Constructor Summary

Constructors

Constructor and Description
FTPSClient() Constructor for FTPSClient, calls FTPSClient(String, boolean).
FTPSClient(boolean isImplicit) Constructor for FTPSClient, using DEFAULT_PROTOCOL - i.e.
FTPSClient(boolean isImplicit, SSLContext context) Constructor for FTPSClient, using DEFAULT_PROTOCOL - i.e.
FTPSClient(SSLContext context) Constructor for FTPSClient, using DEFAULT_PROTOCOL - i.e.
FTPSClient(String protocol) Constructor for FTPSClient, using explict mode, calls FTPSClient(String, boolean).
FTPSClient(String protocol, boolean isImplicit) Constructor for FTPSClient allowing specification of protocol and security mode.

Method Summary

Modifier and Type	Method and Description
protected void	_connectAction_() Because there are so many connect() methods, the _connectAction_() method is provided as a means of performing some action immediately after establishing a connection, rather than reimplementing all of the connect() methods.
protected Socket	_openDataConnection_(int command, String arg) Deprecated. (3.3) Use FTPClient._openDataConnection_(FTPCmd, String) instead
protected Socket	_openDataConnection_(String command, String arg) Returns a socket of the data connection.
protected void	_prepareDataSocket_(Socket socket) Performs any custom initialization for a newly created SSLSocket (before the SSL handshake happens).
void	disconnect() Closes the connection to the FTP server and restores connection parameters to the default values.
int	execADAT(byte[] data) Send the ADAT command with the specified authentication data.
protected void	execAUTH() AUTH command.
int	execAUTH(String mechanism) Send the AUTH command with the specified mechanism.
int	execCCC() Send the CCC command to the server.
int	execCONF(byte[] data) Send the CONF command with the specified data.
int	execENC(byte[] data) Send the ENC command with the specified data.
int	execMIC(byte[] data) Send the MIC command with the specified data.
void	execPBSZ(long pbsz) PBSZ command.
void	execPROT(String prot) PROT command.
String	getAuthValue() Return AUTH command use value.
String[]	getEnabledCipherSuites() Returns the names of the cipher suites which could be enabled for use on this connection.
String[]	getEnabledProtocols() Returns the names of the protocol versions which are currently enabled for use on this connection.
boolean	getEnableSessionCreation() Returns true if new SSL sessions may be established by this socket.
HostnameVerifier	getHostnameVerifier() Get the currently configured HostnameVerifier.
boolean	getNeedClientAuth() Returns true if the socket will require client authentication.
TrustManager	getTrustManager() Get the currently configured TrustManager.
boolean	getUseClientMode() Returns true if the socket is set to use client mode in its first handshake.
boolean	getWantClientAuth() Returns true if the socket will request client authentication.
boolean	isEndpointCheckingEnabled() Return whether or not endpoint identification using the HTTPS algorithm on Java 1.7+ is enabled.
byte[]	parseADATReply(String reply) Parses the given ADAT response line and base64-decodes the data.
long	parsePBSZ(long pbsz) PBSZ command.
int	sendCommand(String command, String args) Send an FTP command.
void	setAuthValue(String auth) Set AUTH command use value.
void	setEnabledCipherSuites(String[] cipherSuites) Controls which particular cipher suites are enabled for use on this connection.
void	setEnabledProtocols(String[] protocolVersions) Controls which particular protocol versions are enabled for use on this connection.
void	setEnabledSessionCreation(boolean isCreation) Controls whether a new SSL session may be established by this socket.
void	setEndpointCheckingEnabled(boolean enable) Automatic endpoint identification checking using the HTTPS algorithm is supported on Java 1.7+.
void	setHostnameVerifier(HostnameVerifier newHostnameVerifier) Override the default HostnameVerifier to use.
void	setKeyManager(KeyManager keyManager) Set a KeyManager to use
void	setNeedClientAuth(boolean isNeedClientAuth) Configures the socket to require client authentication.
void	setTrustManager(TrustManager trustManager) Override the default TrustManager to use; if set to null, the default TrustManager from the JVM will be used.
void	setUseClientMode(boolean isClientMode) Configures the socket to use client (or server) mode in its first handshake.
void	setWantClientAuth(boolean isWantClientAuth) Configures the socket to request client authentication, but only if such a request is appropriate to the cipher suite negotiated.
protected void	sslNegotiation() SSL/TLS negotiation.

Methods inherited from class org.apache.commons.net.ftp.FTPClient

_connectAction_, _openDataConnection_, _parseExtendedPassiveModeReply, _parsePassiveModeReply, _retrieveFile, _retrieveFileStream, _storeFile, _storeFileStream, abort, allocate, allocate, allocate, allocate, appendFile, appendFileStream, changeToParentDirectory, changeWorkingDirectory, completePendingCommand, configure, deleteFile, doCommand, doCommandAsStrings, enterLocalActiveMode, enterLocalPassiveMode, enterRemoteActiveMode, enterRemotePassiveMode, features, featureValue, featureValues, getAutodetectUTF8, getBufferSize, getControlKeepAliveReplyTimeout, getControlKeepAliveReplyTimeoutDuration, getControlKeepAliveTimeout, getControlKeepAliveTimeoutDuration, getCopyStreamListener, getCslDebug, getDataConnectionMode, getDataTimeout, getListArguments, getListHiddenFiles, getModificationTime, getPassiveHost, getPassiveLocalIPAddress, getPassivePort, getReceiveDataSocketBufferSize, getRestartOffset, getSendDataSocketBufferSize, getSize, getStatus, getStatus, getSystemName, getSystemType, hasFeature, hasFeature, hasFeature, initiateListParsing, initiateListParsing, initiateListParsing, initiateMListParsing, initiateMListParsing, isIpAddressFromPasvResponse, isRemoteVerificationEnabled, isUseEPSVwithIPv4, listDirectories, listDirectories, listFiles, listFiles, listFiles, listHelp, listHelp, listNames, listNames, login, login, logout, makeDirectory, mdtmCalendar, mdtmFile, mdtmInstant, mlistDir, mlistDir, mlistDir, mlistFile, printWorkingDirectory, reinitialize, remoteAppend, remoteRetrieve, remoteStore, remoteStoreUnique, remoteStoreUnique, removeDirectory, rename, restart, retrieveFile, retrieveFileStream, sendNoOp, sendSiteCommand, setActiveExternalIPAddress, setActivePortRange, setAutodetectUTF8, setBufferSize, setControlKeepAliveReplyTimeout, setControlKeepAliveReplyTimeout, setControlKeepAliveTimeout, setControlKeepAliveTimeout, setCopyStreamListener, setDataTimeout, setDataTimeout, setFileStructure, setFileTransferMode, setFileType, setFileType, setIpAddressFromPasvResponse, setListHiddenFiles, setModificationTime, setParserFactory, setPassiveLocalIPAddress, setPassiveLocalIPAddress, setPassiveNatWorkaround, setPassiveNatWorkaroundStrategy, setReceieveDataSocketBufferSize, setRemoteVerificationEnabled, setReportActiveExternalIPAddress, setRestartOffset, setSendDataSocketBufferSize, setUseEPSVwithIPv4, storeFile, storeFileStream, storeUniqueFile, storeUniqueFile, storeUniqueFileStream, storeUniqueFileStream, structureMount

Methods inherited from class org.apache.commons.net.ftp.FTP

__getReplyNoReport, __noop, abor, acct, allo, allo, allo, allo, appe, cdup, cwd, dele, eprt, epsv, feat, getCommandSupport, getControlEncoding, getReply, getReplyCode, getReplyString, getReplyStrings, help, help, isStrictMultilineParsing, isStrictReplyParsing, list, list, mdtm, mfmt, mkd, mlsd, mlsd, mlst, mlst, mode, nlst, nlst, noop, pass, pasv, port, pwd, quit, rein, rest, retr, rmd, rnfr, rnto, sendCommand, sendCommand, sendCommand, sendCommand, sendCommand, setControlEncoding, setStrictMultilineParsing, setStrictReplyParsing, site, size, smnt, stat, stat, stor, stou, stou, stru, syst, type, type, user

Methods inherited from class org.apache.commons.net.SocketClient

addProtocolCommandListener, applySocketAttributes, connect, connect, connect, connect, connect, connect, createCommandSupport, fireCommandSent, fireReplyReceived, getCharset, getCharsetName, getConnectTimeout, getDefaultPort, getDefaultTimeout, getKeepAlive, getLocalAddress, getLocalPort, getProxy, getReceiveBufferSize, getRemoteAddress, getRemotePort, getSendBufferSize, getServerSocketFactory, getSoLinger, getSoTimeout, getTcpNoDelay, isAvailable, isConnected, removeProtocolCommandListener, setCharset, setConnectTimeout, setDefaultPort, setDefaultTimeout, setKeepAlive, setProxy, setReceiveBufferSize, setSendBufferSize, setServerSocketFactory, setSocketFactory, setSoLinger, setSoTimeout, setTcpNoDelay, verifyRemote

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

DEFAULT_FTPS_DATA_PORT

public static final int DEFAULT_FTPS_DATA_PORT

See Also:

Constant Field Values

DEFAULT_FTPS_PORT

public static final int DEFAULT_FTPS_PORT

See Also:

Constant Field Values

KEYSTORE_ALGORITHM

@Deprecated
public static String KEYSTORE_ALGORITHM

Deprecated. - not used - may be removed in a future release

TRUSTSTORE_ALGORITHM

@Deprecated
public static String TRUSTSTORE_ALGORITHM

Deprecated. - not used - may be removed in a future release

PROVIDER

@Deprecated
public static String PROVIDER

Deprecated. - not used - may be removed in a future release

STORE_TYPE

@Deprecated
public static String STORE_TYPE

Deprecated. - not used - may be removed in a future release

Constructor Detail

FTPSClient

public FTPSClient()

Constructor for FTPSClient, calls FTPSClient(String, boolean). Sets protocol to DEFAULT_PROTOCOL - i.e. TLS - and security mode to explicit (isImplicit = false)

FTPSClient

public FTPSClient(boolean isImplicit)

Constructor for FTPSClient, using DEFAULT_PROTOCOL - i.e. TLS Calls FTPSClient(String, boolean)

Parameters:

isImplicit - The security mode (Implicit/Explicit).

FTPSClient

public FTPSClient(boolean isImplicit,
                  SSLContext context)

Constructor for FTPSClient, using DEFAULT_PROTOCOL - i.e. TLS The default TrustManager is set from TrustManagerUtils.getValidateServerCertificateTrustManager()

Parameters:

isImplicit - The security mode(Implicit/Explicit).

context - A pre-configured SSL Context

FTPSClient

public FTPSClient(SSLContext context)

Constructor for FTPSClient, using DEFAULT_PROTOCOL - i.e. TLS and isImplicit false Calls FTPSClient(boolean, SSLContext)

Parameters:

context - A pre-configured SSL Context

FTPSClient

public FTPSClient(String protocol)

Constructor for FTPSClient, using explict mode, calls FTPSClient(String, boolean).

Parameters:

protocol - the protocol to use

FTPSClient

public FTPSClient(String protocol,
                  boolean isImplicit)

Constructor for FTPSClient allowing specification of protocol and security mode. If isImplicit is true, the port is set to DEFAULT_FTPS_PORT i.e. 990. The default TrustManager is set from TrustManagerUtils.getValidateServerCertificateTrustManager()

Parameters:

protocol - the protocol

isImplicit - The security mode(Implicit/Explicit).

Method Detail

_connectAction_

protected void _connectAction_()
                        throws IOException

Because there are so many connect() methods, the _connectAction_() method is provided as a means of performing some action immediately after establishing a connection, rather than reimplementing all of the connect() methods.

Overrides:

_connectAction_ in class FTPClient

Throws:

IOException - If it throw by _connectAction_.

See Also:

SocketClient._connectAction_()

_openDataConnection_

@Deprecated
protected Socket _openDataConnection_(int command,
                                                  String arg)
                                           throws IOException

Deprecated. (3.3) Use FTPClient._openDataConnection_(FTPCmd, String) instead

Returns a socket of the data connection. Wrapped as an SSLSocket, which carries out handshake processing.

Overrides:

_openDataConnection_ in class FTPClient

Parameters:

command - The int representation of the FTP command to send.

arg - The arguments to the FTP command. If this parameter is set to null, then the command is sent with no arguments.

Returns:

corresponding to the established data connection. Null is returned if an FTP protocol error is reported at any point during the establishment and initialization of the connection.

Throws:

IOException - If there is any problem with the connection.

See Also:

FTPClient._openDataConnection_(int, String)

_openDataConnection_

protected Socket _openDataConnection_(String command,
                                      String arg)
                               throws IOException

Returns a socket of the data connection. Wrapped as an SSLSocket, which carries out handshake processing.

Overrides:

_openDataConnection_ in class FTPClient

Parameters:

command - The textual representation of the FTP command to send.

arg - The arguments to the FTP command. If this parameter is set to null, then the command is sent with no arguments.

Returns:

corresponding to the established data connection. Null is returned if an FTP protocol error is reported at any point during the establishment and initialization of the connection.

Throws:

IOException - If there is any problem with the connection.

Since:

3.2

See Also:

FTPClient._openDataConnection_(int, String)

_prepareDataSocket_

protected void _prepareDataSocket_(Socket socket)
                            throws IOException

Performs any custom initialization for a newly created SSLSocket (before the SSL handshake happens). Called by _openDataConnection_(int, String) immediately after creating the socket. The default implementation is a no-op

Parameters:

socket - the socket to set up

Throws:

IOException - on error

Since:

3.1

disconnect

public void disconnect()
                throws IOException

Closes the connection to the FTP server and restores connection parameters to the default values.

Calls setSocketFactory(null) and setServerSocketFactory(null) to reset the factories that may have been changed during the session, e.g. by execPROT(String)

Overrides:

disconnect in class FTPClient

Throws:

IOException - If an error occurs while disconnecting.

Since:

3.0

execADAT

public int execADAT(byte[] data)
             throws IOException

Send the ADAT command with the specified authentication data.

Parameters:

data - The data to send with the command.

Returns:

server reply.

Throws:

IOException - If an I/O error occurs while sending the command.

Since:

3.0

execAUTH

protected void execAUTH()
                 throws SSLException,
                        IOException

AUTH command.

Throws:

SSLException - If it server reply code not equal "234" and "334".

IOException - If an I/O error occurs while either sending the command.

execAUTH

public int execAUTH(String mechanism)
             throws IOException

Send the AUTH command with the specified mechanism.

Parameters:

mechanism - The mechanism name to send with the command.

Returns:

server reply.

Throws:

IOException - If an I/O error occurs while sending the command.

Since:

3.0

execCCC

public int execCCC()
            throws IOException

Send the CCC command to the server. The CCC (Clear Command Channel) command causes the underlying SSLSocket instance to be assigned to a plain Socket instances

Returns:

server reply.

Throws:

IOException - If an I/O error occurs while sending the command.

Since:

3.0

execCONF

public int execCONF(byte[] data)
             throws IOException

Send the CONF command with the specified data.

Parameters:

data - The data to send with the command.

Returns:

server reply.

Throws:

IOException - If an I/O error occurs while sending the command.

Since:

3.0

execENC

public int execENC(byte[] data)
            throws IOException

Send the ENC command with the specified data.

Parameters:

data - The data to send with the command.

Returns:

server reply.

Throws:

IOException - If an I/O error occurs while sending the command.

Since:

3.0

execMIC

public int execMIC(byte[] data)
            throws IOException

Send the MIC command with the specified data.

Parameters:

data - The data to send with the command.

Returns:

server reply.

Throws:

IOException - If an I/O error occurs while sending the command.

Since:

3.0

execPBSZ

public void execPBSZ(long pbsz)
              throws SSLException,
                     IOException

PBSZ command. pbsz value: 0 to (2^32)-1 decimal integer.

Parameters:

pbsz - Protection Buffer Size.

Throws:

SSLException - If the server reply code does not equal "200".

IOException - If an I/O error occurs while sending the command.

See Also:

parsePBSZ(long)

execPROT

public void execPROT(String prot)
              throws SSLException,
                     IOException

PROT command.

• C - Clear
• S - Safe(SSL protocol only)
• E - Confidential(SSL protocol only)
• P - Private

N.B. the method calls SocketClient.setSocketFactory(javax.net.SocketFactory) and SocketClient.setServerSocketFactory(javax.net.ServerSocketFactory)

Parameters:

prot - Data Channel Protection Level, if null, use DEFAULT_PROT.

Throws:

SSLException - If the server reply code does not equal 200.

IOException - If an I/O error occurs while sending the command.

getAuthValue

public String getAuthValue()

Return AUTH command use value.

Returns:

AUTH command use value.

getEnabledCipherSuites

public String[] getEnabledCipherSuites()

Returns the names of the cipher suites which could be enabled for use on this connection. When the underlying Socket is not an SSLSocket instance, returns null.

Returns:

An array of cipher suite names, or null

getEnabledProtocols

public String[] getEnabledProtocols()

Returns the names of the protocol versions which are currently enabled for use on this connection. When the underlying Socket is not an SSLSocket instance, returns null.

Returns:

An array of protocols, or null

getEnableSessionCreation

public boolean getEnableSessionCreation()

Returns true if new SSL sessions may be established by this socket. When the underlying Socket instance is not SSL-enabled (i.e. an instance of SSLSocket with SSLSocketgetEnableSessionCreation()) enabled, this returns False.

Returns:

true - Indicates that sessions may be created; this is the default. false - indicates that an existing session must be resumed.

getHostnameVerifier

public HostnameVerifier getHostnameVerifier()

Get the currently configured HostnameVerifier. The verifier is only used on client mode connections.

Returns:

A HostnameVerifier instance.

Since:

3.4

getNeedClientAuth

public boolean getNeedClientAuth()

Returns true if the socket will require client authentication. When the underlying Socket is not an SSLSocket instance, returns false.

Returns:

true - If the server mode socket should request that the client authenticate itself.

getTrustManager

public TrustManager getTrustManager()

Get the currently configured TrustManager.

Returns:

A TrustManager instance.

getUseClientMode

public boolean getUseClientMode()

Returns true if the socket is set to use client mode in its first handshake. When the underlying Socket is not an SSLSocket instance, returns false.

Returns:

true - If the socket should start its first handshake in "client" mode.

getWantClientAuth

public boolean getWantClientAuth()

Returns true if the socket will request client authentication. When the underlying Socket is not an SSLSocket instance, returns false.

Returns:

true - If the server mode socket should request that the client authenticate itself.

isEndpointCheckingEnabled

public boolean isEndpointCheckingEnabled()

Return whether or not endpoint identification using the HTTPS algorithm on Java 1.7+ is enabled. The default behavior is for this to be disabled. This check is only performed on client mode connections.

Returns:

True if enabled, false if not.

Since:

3.4

parseADATReply

public byte[] parseADATReply(String reply)

Parses the given ADAT response line and base64-decodes the data.

Parameters:

reply - The ADAT reply to parse.

Returns:

the data in the reply, base64-decoded.

Since:

3.0

parsePBSZ

public long parsePBSZ(long pbsz)
               throws SSLException,
                      IOException

PBSZ command. pbsz value: 0 to (2^32)-1 decimal integer. Issues the command and parses the response to return the negotiated value.

Parameters:

pbsz - Protection Buffer Size.

Returns:

the negotiated value.

Throws:

SSLException - If the server reply code does not equal "200".

IOException - If an I/O error occurs while sending the command.

Since:

3.0

See Also:

execPBSZ(long)

sendCommand

public int sendCommand(String command,
                       String args)
                throws IOException

Send an FTP command. A successful CCC (Clear Command Channel) command causes the underlying SSLSocket instance to be assigned to a plain Socket

Overrides:

sendCommand in class FTP

Parameters:

command - The FTP command.

args - The arguments to the FTP command. If this parameter is set to null, then the command is sent with no argument.

Returns:

server reply.

Throws:

IOException - If an I/O error occurs while sending the command.

SSLException - if a CCC command fails

See Also:

FTP.sendCommand(String)

setAuthValue

public void setAuthValue(String auth)

Set AUTH command use value. This processing is done before connected processing.

Parameters:

auth - AUTH command use value.

setEnabledCipherSuites

public void setEnabledCipherSuites(String[] cipherSuites)

Controls which particular cipher suites are enabled for use on this connection. Called before server negotiation.

Parameters:

cipherSuites - The cipher suites.

setEnabledProtocols

public void setEnabledProtocols(String[] protocolVersions)

Controls which particular protocol versions are enabled for use on this connection. I perform setting before a server negotiation.

Parameters:

protocolVersions - The protocol versions.

setEnabledSessionCreation

public void setEnabledSessionCreation(boolean isCreation)

Controls whether a new SSL session may be established by this socket.

Parameters:

isCreation - The established socket flag.

setEndpointCheckingEnabled

public void setEndpointCheckingEnabled(boolean enable)

Automatic endpoint identification checking using the HTTPS algorithm is supported on Java 1.7+. The default behavior is for this to be disabled. This check is only performed on client mode connections.

Parameters:

enable - Enable automatic endpoint identification checking using the HTTPS algorithm on Java 1.7+.

Since:

3.4

setHostnameVerifier

public void setHostnameVerifier(HostnameVerifier newHostnameVerifier)

Override the default HostnameVerifier to use. The verifier is only used on client mode connections.

Parameters:

newHostnameVerifier - The HostnameVerifier implementation to set or null to disable.

Since:

3.4

setKeyManager

public void setKeyManager(KeyManager keyManager)

Set a KeyManager to use

Parameters:

keyManager - The KeyManager implementation to set.

See Also:

KeyManagerUtils

setNeedClientAuth

public void setNeedClientAuth(boolean isNeedClientAuth)

Configures the socket to require client authentication.

Parameters:

isNeedClientAuth - The need client auth flag.

setTrustManager

public void setTrustManager(TrustManager trustManager)

Override the default TrustManager to use; if set to null, the default TrustManager from the JVM will be used.

Parameters:

trustManager - The TrustManager implementation to set, may be null

See Also:

TrustManagerUtils

setUseClientMode

public void setUseClientMode(boolean isClientMode)

Configures the socket to use client (or server) mode in its first handshake.

Parameters:

isClientMode - The use client mode flag.

setWantClientAuth

public void setWantClientAuth(boolean isWantClientAuth)

Configures the socket to request client authentication, but only if such a request is appropriate to the cipher suite negotiated.

Parameters:

isWantClientAuth - The want client auth flag.

sslNegotiation

protected void sslNegotiation()
                       throws IOException

SSL/TLS negotiation. Acquires an SSL socket of a control connection and carries out handshake processing.

Throws:

IOException - If server negotiation fails