Interface SslContextFactory.Client.SniProvider

  • Enclosing class:
    SslContextFactory.Client
    Functional Interface:
    This is a functional interface and can therefore be used as the assignment target for a lambda expression or method reference.

    @FunctionalInterface
    public static interface SslContextFactory.Client.SniProvider

    A provider for SNI names to send to the server during the TLS handshake.

    By default, the OpenJDK TLS implementation does not send SNI names when they are IP addresses, following what currently specified in TLS 1.3, or when they are non-domain strings such as "localhost".

    If you need to send custom SNI, such as a non-domain SNI or an IP address SNI, you can set your own SNI provider or use NON_DOMAIN_SNI_PROVIDER.

    • Method Summary

      All Methods Instance Methods Abstract Methods 
      Modifier and Type Method Description
      java.util.List<javax.net.ssl.SNIServerName> apply​(javax.net.ssl.SSLEngine sslEngine, java.util.List<javax.net.ssl.SNIServerName> serverNames)
      Provides the SNI names to send to the server.
    • Field Detail

      • NON_DOMAIN_SNI_PROVIDER

        static final SslContextFactory.Client.SniProvider NON_DOMAIN_SNI_PROVIDER

        An SNI provider that, if the given serverNames list is empty, retrieves the host via SSLEngine.getPeerHost(), converts it to ASCII bytes, and sends it as SNI.

        This allows to send non-domain SNI such as "localhost" or IP addresses.

    • Method Detail

      • apply

        java.util.List<javax.net.ssl.SNIServerName> apply​(javax.net.ssl.SSLEngine sslEngine,
                                                          java.util.List<javax.net.ssl.SNIServerName> serverNames)

        Provides the SNI names to send to the server.

        Currently, RFC 6066 allows for different types of server names, but defines only one of type "host_name".

        As such, the input serverNames list and the list to be returned contain at most one element.

        Parameters:
        sslEngine - the SSLEngine that processes the TLS handshake
        serverNames - the non-null immutable list of server names computed by implementation
        Returns:
        either the same serverNames list passed as parameter, or a new list containing the server names to send to the server