Instance Propertyswift-nio-ssl 2.29.0NIOSSL
pskServerCallback
TLSConfiguration.swift:349This declaration is deprecated: Deprecated in favor of pskServerProvider which can handle optional hint
var pskServerCallback: NIOPSKServerIdentityCallback? { get set }
Other members in extension
Type members
static let clientDefault: TLSConfiguration
A default TLS configuration for client use.
static func makeClientConfiguration(
) -> TLSConfiguration Creates a TLS configuration for use with client-side contexts.
static func makeServerConfiguration(certificateChain: [NIOSSLCertificateSource], privateKey: NIOSSLPrivateKeySource
) -> TLSConfiguration Create a TLS configuration for use with server-side contexts.
Show obsolete interfaces (9)
Hide obsolete interfaces
static func forClient(cipherSuites: String, minimumTLSVersion: TLSVersion, maximumTLSVersion: TLSVersion?, certificateVerification: CertificateVerification, trustRoots: NIOSSLTrustRoots, certificateChain: [NIOSSLCertificateSource], privateKey: NIOSSLPrivateKeySource?, applicationProtocols: [String], shutdownTimeout: TimeAmount, keyLogCallback: NIOSSLKeyLogCallback?
) -> TLSConfiguration Creates a TLS configuration for use with client-side contexts.
static func forClient(cipherSuites: String, minimumTLSVersion: TLSVersion, maximumTLSVersion: TLSVersion?, certificateVerification: CertificateVerification, trustRoots: NIOSSLTrustRoots, certificateChain: [NIOSSLCertificateSource], privateKey: NIOSSLPrivateKeySource?, applicationProtocols: [String], shutdownTimeout: TimeAmount, keyLogCallback: NIOSSLKeyLogCallback?, renegotiationSupport: NIORenegotiationSupport
) -> TLSConfiguration Creates a TLS configuration for use with client-side contexts.
static func forClient(cipherSuites: String, verifySignatureAlgorithms: [SignatureAlgorithm]?, signingSignatureAlgorithms: [SignatureAlgorithm]?, minimumTLSVersion: TLSVersion, maximumTLSVersion: TLSVersion?, certificateVerification: CertificateVerification, trustRoots: NIOSSLTrustRoots, certificateChain: [NIOSSLCertificateSource], privateKey: NIOSSLPrivateKeySource?, applicationProtocols: [String], shutdownTimeout: TimeAmount, keyLogCallback: NIOSSLKeyLogCallback?, renegotiationSupport: NIORenegotiationSupport
) -> TLSConfiguration Creates a TLS configuration for use with client-side contexts.
static func forClient(cipherSuites: String, verifySignatureAlgorithms: [SignatureAlgorithm]?, signingSignatureAlgorithms: [SignatureAlgorithm]?, minimumTLSVersion: TLSVersion, maximumTLSVersion: TLSVersion?, certificateVerification: CertificateVerification, trustRoots: NIOSSLTrustRoots, certificateChain: [NIOSSLCertificateSource], privateKey: NIOSSLPrivateKeySource?, applicationProtocols: [String], shutdownTimeout: TimeAmount, keyLogCallback: NIOSSLKeyLogCallback?, renegotiationSupport: NIORenegotiationSupport, additionalTrustRoots: [NIOSSLAdditionalTrustRoots]
) -> TLSConfiguration Creates a TLS configuration for use with client-side contexts.
static func forClient(cipherSuites: [NIOTLSCipher], verifySignatureAlgorithms: [SignatureAlgorithm]?, signingSignatureAlgorithms: [SignatureAlgorithm]?, minimumTLSVersion: TLSVersion, maximumTLSVersion: TLSVersion?, certificateVerification: CertificateVerification, trustRoots: NIOSSLTrustRoots, certificateChain: [NIOSSLCertificateSource], privateKey: NIOSSLPrivateKeySource?, applicationProtocols: [String], shutdownTimeout: TimeAmount, keyLogCallback: NIOSSLKeyLogCallback?, renegotiationSupport: NIORenegotiationSupport, additionalTrustRoots: [NIOSSLAdditionalTrustRoots]
) -> TLSConfiguration Creates a TLS configuration for use with client-side contexts. This allows setting the
NIOTLSCipher
property specifically.static func forServer(certificateChain: [NIOSSLCertificateSource], privateKey: NIOSSLPrivateKeySource, cipherSuites: String, minimumTLSVersion: TLSVersion, maximumTLSVersion: TLSVersion?, certificateVerification: CertificateVerification, trustRoots: NIOSSLTrustRoots, applicationProtocols: [String], shutdownTimeout: TimeAmount, keyLogCallback: NIOSSLKeyLogCallback?
) -> TLSConfiguration Create a TLS configuration for use with server-side contexts.
static func forServer(certificateChain: [NIOSSLCertificateSource], privateKey: NIOSSLPrivateKeySource, cipherSuites: String, verifySignatureAlgorithms: [SignatureAlgorithm]?, signingSignatureAlgorithms: [SignatureAlgorithm]?, minimumTLSVersion: TLSVersion, maximumTLSVersion: TLSVersion?, certificateVerification: CertificateVerification, trustRoots: NIOSSLTrustRoots, applicationProtocols: [String], shutdownTimeout: TimeAmount, keyLogCallback: NIOSSLKeyLogCallback?
) -> TLSConfiguration Create a TLS configuration for use with server-side contexts.
static func forServer(certificateChain: [NIOSSLCertificateSource], privateKey: NIOSSLPrivateKeySource, cipherSuites: String, verifySignatureAlgorithms: [SignatureAlgorithm]?, signingSignatureAlgorithms: [SignatureAlgorithm]?, minimumTLSVersion: TLSVersion, maximumTLSVersion: TLSVersion?, certificateVerification: CertificateVerification, trustRoots: NIOSSLTrustRoots, applicationProtocols: [String], shutdownTimeout: TimeAmount, keyLogCallback: NIOSSLKeyLogCallback?, additionalTrustRoots: [NIOSSLAdditionalTrustRoots]
) -> TLSConfiguration Create a TLS configuration for use with server-side contexts.
static func forServer(certificateChain: [NIOSSLCertificateSource], privateKey: NIOSSLPrivateKeySource, cipherSuites: [NIOTLSCipher], verifySignatureAlgorithms: [SignatureAlgorithm]?, signingSignatureAlgorithms: [SignatureAlgorithm]?, minimumTLSVersion: TLSVersion, maximumTLSVersion: TLSVersion?, certificateVerification: CertificateVerification, trustRoots: NIOSSLTrustRoots, applicationProtocols: [String], shutdownTimeout: TimeAmount, keyLogCallback: NIOSSLKeyLogCallback?, additionalTrustRoots: [NIOSSLAdditionalTrustRoots]
) -> TLSConfiguration Create a TLS configuration for use with server-side contexts. This allows setting the
NIOTLSCipher
property specifically.
Instance members
var additionalTrustRoots: [NIOSSLAdditionalTrustRoots]
Additional trust roots to use to validate certificates, used in addition to
trustRoots
.var applicationProtocols: [String]
The application protocols to use in the connection. Should be an ordered list of ASCII strings representing the ALPN identifiers of the protocols to negotiate. For clients, the protocols will be offered in the order given. For servers, the protocols will be matched against the client’s offered protocols in order.
var certificateChain: [NIOSSLCertificateSource]
The certificates to offer during negotiation. If not present, no certificates will be offered.
var certificateVerification: CertificateVerification
Whether to verify remote certificates.
var cipherSuiteValues: [NIOTLSCipher]
Public property used to set the internal
cipherSuites
fromNIOTLSCipher
.var cipherSuites: String
The pre-TLS1.3 cipher suites supported by this handler. This uses the OpenSSL cipher string format. TLS 1.3 cipher suites cannot be configured.
var curves: [NIOTLSCurve]?
TLS curves supported by this handler. Passing
nil
means that a built-in set of curves will be used.var keyLogCallback: NIOSSLKeyLogCallback?
A callback that can be used to implement
SSLKEYLOGFILE
support.var maximumTLSVersion: TLSVersion?
The maximum TLS version to allow in negotiation. If
nil
, there is no upper limit. Defaults tonil
.var minimumTLSVersion: TLSVersion
The minimum TLS version to allow in negotiation. Defaults to
tlsv1
.var privateKey: NIOSSLPrivateKeySource?
The private key associated with the leaf certificate.
var pskClientProvider: NIOPSKClientIdentityProvider?
PSK Client Callback to get the key based on an optional hint and identity.
var pskHint: String?
Optional PSK hint to be used during SSLContext create.
var pskServerProvider: NIOPSKServerIdentityProvider?
PSK Server Callback to get the key based on an optional hint and identity.
var renegotiationSupport: NIORenegotiationSupport
Whether renegotiation is supported.
var sendCANameList: Bool
Send the CA names derived from the
trustRoots
for client authentication. This instructs the client which identities can be used by evaluating what CA the identity certificate was issued from.var shutdownTimeout: TimeAmount
The amount of time to wait after initiating a shutdown before performing an unclean shutdown. Defaults to 5 seconds.
var signingSignatureAlgorithms: [SignatureAlgorithm]?
Allowed algorithms to sign signatures. Passing
nil
means that a built-in set of algorithms will be used.var sslContextCallback: NIOSSLContextCallback?
SSL Context Callback to provide dynamic context based on server name
var trustRoots: NIOSSLTrustRoots?
The trust roots to use to validate certificates. This only needs to be provided if you intend to validate certificates.
var verifySignatureAlgorithms: [SignatureAlgorithm]?
Allowed algorithms to verify signatures. Passing
nil
means that a built-in set of algorithms will be used.func bestEffortEquals(TLSConfiguration
) -> Bool Returns a best effort result of whether two
TLSConfiguration
objects are equal.func bestEffortHash(into: inout Hasher
) Returns a best effort hash of this TLS configuration.
Show obsolete interfaces (1)
Hide obsolete interfaces
var pskClientCallback: NIOPSKClientIdentityCallback?
PSK Client Callback to get the key based on hint and identity.