SslEngineBuilder is used to create a SSLEngine (for SslFactory that adds a reconfiguration layer atop).

SslEngineBuilder is created when SslFactory is requested to configure and reconfigure (indirectly via createNewSslEngineBuilder).


Enable ALL logging level for logger to see what happens inside.

Add the following line to config/

Refer to Logging.

Creating SslEngineBuilder Instance

SslEngineBuilder takes the following to be created:

  • Configuration properties

SslEngineBuilder initializes the internal properties.

SSL Key Store — keystore Internal Property

SecurityStore keystore

keystore is created (alongside SslEngineBuilder) based on the following configuration properties:

keystore is used…​FIXME

SSL Trust Store — truststore Internal Property

SecurityStore truststore

Used when…​FIXME

Creating SSLEngine — createSslEngine Method

SSLEngine createSslEngine(
  Mode mode,
  String peerHost,
  int peerPort,
  String endpointIdentification)

createSslEngine requests the SSLContext to create a new Java SSLEngine (for the advisory peer information, i.e. peerHost and peerPort) that is configured using…​FIXME

If enabled cipher suites and enabled protocol versions are configured, createSslEngine requests the SSLEngine to use them.

For SERVER mode, createSslEngine requests the SSLEngine to be in the server mode and configures it for client authentication based on the SslClientAuth:

  • REQUIRED for client authentication required

  • REQUESTED for client authentication requested (optional client authentication)

  • NONE for no client authentication

For CLIENT mode, createSslEngine requests the SSLEngine to be in the client mode and sets the endpoint identification algorithm (to prevent man-in-the-middle attacks) based on the given endpointIdentification.


createSslEngine is used when:

  • SslFactory is requested to createSslEngine

  • SslEngineValidator is requested to createSslEngineForValidation

createKeystore Internal Utility

SecurityStore createKeystore(
  String type,
  String path,
  Password password,
  Password keyPassword)


createKeystore is used when SslEngineBuilder is created.

createTruststore Internal Utility

SecurityStore createTruststore(
  String type,
  String path,
  Password password)


createTruststore is used when SslEngineBuilder is created.

createSSLContext Internal Method

SSLContext createSSLContext()


createSSLContext is used when SslEngineBuilder is created.

Internal Properties

Name Description


Enabled cipher suites to use on a SSLEngine.


Enabled protocol versions to use on a SSLEngine.


Client authentication (SslClientAuth)


Java’s SSLContext

results matching ""

    No results matching ""