Package org.eclipse.jetty.util.ssl

Interface SslContextFactory.Client.SniProvider

Enclosing class:
SslContextFactory.Client
Functional Interface:
This is a functional interface and can therefore be used as the assignment target for a lambda expression or method reference.
@FunctionalInterface public static interface SslContextFactory.Client.SniProvider

A provider for SNI names to send to the server during the TLS handshake.

By default, the OpenJDK TLS implementation does not send SNI names when they are IP addresses, following what currently specified in TLS 1.3, or when they are non-domain strings such as "localhost".

If you need to send custom SNI, such as a non-domain SNI or an IP address SNI, you can set your own SNI provider or use NON_DOMAIN_SNI_PROVIDER.

  • Field Details

    • NON_DOMAIN_SNI_PROVIDER

      static final SslContextFactory.Client.SniProvider NON_DOMAIN_SNI_PROVIDER

      An SNI provider that, if the given serverNames list is empty, retrieves the host via SSLEngine.getPeerHost(), converts it to ASCII bytes, and sends it as SNI.

      This allows to send non-domain SNI such as "localhost" or IP addresses.

  • Method Details

    • apply

      List<SNIServerName> apply(SSLEngine sslEngine, List<SNIServerName> serverNames)

      Provides the SNI names to send to the server.

      Currently, RFC 6066 allows for different types of server names, but defines only one of type "host_name".

      As such, the input serverNames list and the list to be returned contain at most one element.

      Parameters:
      sslEngine - the SSLEngine that processes the TLS handshake
      serverNames - the non-null immutable list of server names computed by implementation
      Returns:
      either the same serverNames list passed as parameter, or a new list containing the server names to send to the server