juneau-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jamesbog...@apache.org
Subject [juneau] branch master updated: Improvements to SSL support in RestClient.
Date Thu, 15 Mar 2018 16:11:29 GMT
This is an automated email from the ASF dual-hosted git repository.

jamesbognar pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/juneau.git


The following commit(s) were added to refs/heads/master by this push:
     new 66d9736  Improvements to SSL support in RestClient.
66d9736 is described below

commit 66d97360947d8bdd5c0f8ecba6c44f7cd11e3bbc
Author: JamesBognar <jamesbognar@apache.org>
AuthorDate: Thu Mar 15 12:11:19 2018 -0400

    Improvements to SSL support in RestClient.
---
 juneau-doc/src/main/javadoc/overview.html          | 106 +++----
 .../apache/juneau/rest/test/TestMicroservice.java  |   2 +-
 .../org/apache/juneau/rest/client/RestClient.java  |   2 +-
 .../juneau/rest/client/RestClientBuilder.java      | 320 ++++++++++++++++-----
 .../org/apache/juneau/rest/client/SSLOpts.java     | 186 ------------
 5 files changed, 288 insertions(+), 328 deletions(-)

diff --git a/juneau-doc/src/main/javadoc/overview.html b/juneau-doc/src/main/javadoc/overview.html
index 4a1625b..dbd8f70 100644
--- a/juneau-doc/src/main/javadoc/overview.html
+++ b/juneau-doc/src/main/javadoc/overview.html
@@ -340,9 +340,6 @@
 	<ol>
 		<li><p><a class='doclink' href='#juneau-rest-client.3rdPartyProxies'>Interface
Proxies Against 3rd-party REST Interfaces</a></p>
 		<li><p><a class='doclink' href='#juneau-rest-client.SSL'>SSL Support</a></p>
-		<ol>
-			<li><p><a class='doclink' href='#juneau-rest-client.SSLOpts'>SSLOpts
Bean</a></p>
-		</ol>
 		<li><p><a class='doclink' href='#juneau-rest-client.Authentication'>Authentication</a></p>
 		<ol>
 			<li><p><a class='doclink' href='#juneau-rest-client.BASIC'>BASIC Authentication</a></p>
@@ -15883,77 +15880,37 @@
 	<div class='topic'>
 		<p>
 			The simplest way to enable SSL support in the client is to use the 
-			{@link org.apache.juneau.rest.client.RestClientBuilder#enableSSL(SSLOpts)} method and
one of the predefined 
-			{@link org.apache.juneau.rest.client.SSLOpts} instances:
+			{@link org.apache.juneau.rest.client.RestClientBuilder#enableLaxSSL()} method.
 		</p>
-		<ul class='doctree'>
-			<li class='jf'>{@link org.apache.juneau.rest.client.SSLOpts#DEFAULT} - Normal certificate
and hostname validation.
-			<li class='jf'>{@link org.apache.juneau.rest.client.SSLOpts#LAX} - Allows for self-signed
certificates.
-		</ul>
-		
+
 		<h5 class='figure'>Example:</h5>
 		<p class='bcode w800'>
 	<jc>// Create a client that ignores self-signed or otherwise invalid certificates.</jc>
-	RestClientBuilder builder = RestClient.<jsm>create</jsm>() 
-		.enableSSL(SSLOpts.<jsf>LAX</jsf>);
-		
-	<jc>// ...or...</jc>
-	RestClientBuilder builder = RestClient.<jsm>create</jsm>() 
-		.enableLaxSSL();
+	RestClient rc = RestClient.<jsm>create</jsm>().enableLaxSSL().build();
 		</p>
 		<p>
-			This is functionally equivalent to the following:
+			A more typical scenario using default cert and hostname verification is shown here:
 		</p>
 		<p class='bcode w800'>
-	RestClientBuilder builder = RestClient.<jsm>create</jsm>();
-	
-	HostnameVerifier hv = <jk>new</jk> NoopHostnameVerifier();
-	TrustManager tm = <jk>new</jk> SimpleX509TrustManager(<jk>true</jk>);
-
-	<jk>for</jk> (String p : <jk>new</jk> String[]{<js>"SSL"</js>,<js>"TLS"</js>,<js>"SSL_TLS"</js>})
{
-		SSLContext ctx = SSLContext.<jsm>getInstance</jsm>(p);
-		ctx.init(<jk>null</jk>, <jk>new</jk> TrustManager[] { tm }, <jk>null</jk>);
-		SSLConnectionSocketFactory sf = <jk>new</jk> SSLConnectionSocketFactory(ctx,
hv);
-		builder.setSSLSocketFactory(sf);
-		Registry&lt;ConnectionSocketFactory&gt; r = RegistryBuilder.&lt;ConnectionSocketFactory&gt;<jsm>.create</jsm>()
-			.register(<js>"https"</js>, sf).build();
-		builder.setConnectionManager(<jk>new</jk> PoolingHttpClientConnectionManager(r));
-	}
+	RestClient rc = RestClient.create().enableSSL().sslProtocols(<js>"TLSv1.2"</js>).build();
 		</p>
 		<p>
-			More complex SSL support can be enabled through the various {@link org.apache.http.impl.client.HttpClientBuilder}

-			methods defined on the class.
+			The following convenience methods are provided in the builder class for specifying SSL
parameters:
+		</p>
+		<ul class='doctree'>
+			<li class='jc'>{@link org.apache.juneau.rest.client.RestClientBuilder}
+			<ul>
+				<li class='jf'>{@link org.apache.juneau.rest.client.RestClientBuilder#sslProtocols(String...)
sslProtocols(String...)}
+				<li class='jf'>{@link org.apache.juneau.rest.client.RestClientBuilder#cipherSuites(String...)
cipherSuites(String...)}
+				<li class='jf'>{@link org.apache.juneau.rest.client.RestClientBuilder#hostnameVerifier(HostnameVerifier)
hostnameVerifier(HostnameVerifier)}
+				<li class='jf'>{@link org.apache.juneau.rest.client.RestClientBuilder#keyManagers(KeyManager...)
keyManagers(KeyManager...)}
+				<li class='jf'>{@link org.apache.juneau.rest.client.RestClientBuilder#trustManagers(TrustManager...)}
+				<li class='jf'>{@link org.apache.juneau.rest.client.RestClientBuilder#secureRandom(SecureRandom)}
+			</ul>
+		</ul>
+		<p>
+			SSL support can also be enabled by passing in your own connection manager using {@link
org.apache.juneau.rest.client.RestClientBuilder#httpClientConnectionManager(HttpClientConnectionManager)}.
 		</p>
-	
-		<!-- =======================================================================================================
-->
-		<a id='juneau-rest-client.SSLOpts'></a>
-		<h4 class='topic' onclick='toggle(this)'>9.2.1 - SSLOpts Bean</h4>
-		<div class='topic'>
-			<p>
-				The {@link org.apache.juneau.rest.client.SSLOpts} class itself is a bean that can be
created by the 
-				parsers.
-				For example, SSL options can be specified in a config file and retrieved as a bean using
the 
-				{@link org.apache.juneau.config.Config} class.
-			</p>
-			
-			<h5 class='figure'>Contents of <code>MyConfig.cfg</code></h5>
-			<p class='bcode w800'>
-	<cc>#================================================================================
-	# My Connection Settings
-	#================================================================================</cc>
-	<cs>[Connection]</cs>
-	<ck>url</ck> = <cv>https://myremotehost:9443</cv>
-	<ck>ssl</ck> = <cv>{certValidate:'LAX',hostVerify:'LAX'}</cv>
-			</p>
-			
-			<h5 class='figure'>Code that reads an <code>SSLOpts</code> bean from
the config file</h5>
-			<p class='bcode w800'>
-	<jc>// Read config file and set SSL options based on what's in that file.</jc>
-	Config c = Config.<jsm>create</jsm>(<js>"MyConfig.cfg"</js>).build();
-	SSLOpts ssl = c.getObject(SSLOpts.<jk>class</jk>, <js>"Connection/ssl"</js>);
-	RestClient rc = RestClient.<jsm>create</jsm>().enableSSL(ssl).build();
-			</p>
-		</div>
 	</div>
 	
 	<!-- =======================================================================================================
-->
@@ -21290,7 +21247,7 @@
 				</ul>
 		</ul>
 		
-		<h5 class='topic w800'>juneau-server</h5>
+		<h5 class='topic w800'>juneau-rest-server</h5>
 		<ul class='spaced-list'>
 			<li>
 				Simplified {@link org.apache.juneau.rest.annotation.RestResource#swagger() @RestResource(swagger)}
@@ -21304,6 +21261,25 @@
 			<li>
 				Newlines were being stripped from <code><ja>@HtmlDoc</ja>(script)</code>
when serialized which could cause script lines to become commented out.
 		</ul>
+		
+		<h5 class='topic w800'>juneau-rest-client</h5>
+		<ul class='spaced-list'>
+			<li>
+				Made improvements to the builder API for defining SSL support.
+				<br>New methods added:
+			<ul class='doctree'>
+				<li class='jc'>{@link org.apache.juneau.rest.client.RestClientBuilder}
+				<ul>
+					<li class='jf'>{@link org.apache.juneau.rest.client.RestClientBuilder#sslProtocols(String...)
sslProtocols(String...)}
+					<li class='jf'>{@link org.apache.juneau.rest.client.RestClientBuilder#cipherSuites(String...)
cipherSuites(String...)}
+					<li class='jf'>{@link org.apache.juneau.rest.client.RestClientBuilder#hostnameVerifier(HostnameVerifier)
hostnameVerifier(HostnameVerifier)}
+					<li class='jf'>{@link org.apache.juneau.rest.client.RestClientBuilder#keyManagers(KeyManager...)
keyManagers(KeyManager...)}
+					<li class='jf'>{@link org.apache.juneau.rest.client.RestClientBuilder#trustManagers(TrustManager...)}
+					<li class='jf'>{@link org.apache.juneau.rest.client.RestClientBuilder#secureRandom(SecureRandom)}
+					<li class='jf'>{@link org.apache.juneau.rest.client.RestClientBuilder#httpClientConnectionManager(HttpClientConnectionManager)}
+				</ul>
+			</ul>
+		</ul>
 	</div>
 	
 	<!-- ===========================================================================================================
-->
@@ -24037,7 +24013,7 @@
 					<li>{@link org.apache.juneau.rest.client.HttpMethod}
 					<li>{@link org.apache.juneau.rest.client.ResponsePattern}
 					<li>{@link org.apache.juneau.rest.client.SimpleX509TrustManager}
-					<li>{@link org.apache.juneau.rest.client.SSLOpts}
+					<li><code><del>SSLOpts</del></code>
 				</ul>
 			<li>Removed <code>org.apache.juneau.rest.client.LaxRedirectStrategy</code>.
 Use HTTP Client equivalent.
 			<li>New methods on {@link org.apache.juneau.rest.client.RestCall}:
diff --git a/juneau-microservice/juneau-microservice-test/src/test/java/org/apache/juneau/rest/test/TestMicroservice.java
b/juneau-microservice/juneau-microservice-test/src/test/java/org/apache/juneau/rest/test/TestMicroservice.java
index 6c5a0bb..de1a678 100644
--- a/juneau-microservice/juneau-microservice-test/src/test/java/org/apache/juneau/rest/test/TestMicroservice.java
+++ b/juneau-microservice/juneau-microservice-test/src/test/java/org/apache/juneau/rest/test/TestMicroservice.java
@@ -104,7 +104,7 @@ public class TestMicroservice {
 			final StatusLine[] currentResponse = new StatusLine[1];
 			return RestClient.create()
 				.rootUrl(microserviceURI)
-				.setRetryHandler(
+				.retryHandler(
 					new HttpRequestRetryHandler() {
 						@Override
 						public boolean retryRequest(IOException exception, int executionCount, HttpContext
context) {
diff --git a/juneau-rest/juneau-rest-client/src/main/java/org/apache/juneau/rest/client/RestClient.java
b/juneau-rest/juneau-rest-client/src/main/java/org/apache/juneau/rest/client/RestClient.java
index e5b92d9..751163f 100644
--- a/juneau-rest/juneau-rest-client/src/main/java/org/apache/juneau/rest/client/RestClient.java
+++ b/juneau-rest/juneau-rest-client/src/main/java/org/apache/juneau/rest/client/RestClient.java
@@ -152,7 +152,7 @@ public class RestClient extends BeanContext implements Closeable {
 	 * 	<li><b>Default:</b>  empty map
 	 * 	<li><b>Methods:</b> 
 	 * 		<ul>
-	 * 			<li class='jm'>{@link RestClientBuilder#setDefaultHeaders(Collection)}
+	 * 			<li class='jm'>{@link RestClientBuilder#defaultHeaders(Collection)}
 	 * 			<li class='jm'>{@link RestClientBuilder#header(String, Object)}
 	 * 		</ul>
 	 * </ul>
diff --git a/juneau-rest/juneau-rest-client/src/main/java/org/apache/juneau/rest/client/RestClientBuilder.java
b/juneau-rest/juneau-rest-client/src/main/java/org/apache/juneau/rest/client/RestClientBuilder.java
index e94b631..0992c82 100644
--- a/juneau-rest/juneau-rest-client/src/main/java/org/apache/juneau/rest/client/RestClientBuilder.java
+++ b/juneau-rest/juneau-rest-client/src/main/java/org/apache/juneau/rest/client/RestClientBuilder.java
@@ -46,6 +46,7 @@ import org.apache.http.protocol.*;
 import org.apache.juneau.*;
 import org.apache.juneau.http.*;
 import org.apache.juneau.httppart.*;
+import org.apache.juneau.internal.*;
 import org.apache.juneau.json.*;
 import org.apache.juneau.parser.*;
 import org.apache.juneau.serializer.*;
@@ -73,7 +74,12 @@ public class RestClientBuilder extends BeanContextBuilder {
 	private HttpClientConnectionManager httpClientConnectionManager;
 	private HttpClientBuilder httpClientBuilder;
 	private CloseableHttpClient httpClient;
-	private SSLOpts sslOpts;
+	private boolean enableSsl = false;
+	private HostnameVerifier hostnameVerifier;
+	private KeyManager[] keyManagers;
+	private TrustManager[] trustManagers;
+	private SecureRandom secureRandom;
+	private String[] sslProtocols, cipherSuites;
 	private boolean pooled;
 
 	/**
@@ -153,54 +159,56 @@ public class RestClientBuilder extends BeanContextBuilder {
 	 * The default implementation returns an instance of a {@link PoolingHttpClientConnectionManager}.
 	 * 
 	 * @return The HTTP client builder to use to create the HTTP client.
+	 * @throws NoSuchAlgorithmException 
+	 * @throws KeyManagementException 
 	 */
 	@SuppressWarnings("resource")
-	protected HttpClientConnectionManager createConnectionManager() {
-		if (sslOpts != null) {
-			HostnameVerifier hv = null;
-			switch (sslOpts.getHostVerify()) {
-				case LAX: hv = new NoopHostnameVerifier(); break;
-				case DEFAULT: hv = new DefaultHostnameVerifier(); break;
-				default: throw new RuntimeException("Programmer error");
-			}
-
-			for (String p : split(sslOpts.getProtocols())) {
-				try {
-					TrustManager tm = new SimpleX509TrustManager(sslOpts.getCertValidate() == SSLOpts.CertValidate.LAX);
-
-					SSLContext ctx = SSLContext.getInstance(p);
-					ctx.init(null, new TrustManager[] { tm }, null);
-
-					// Create a socket to ensure this algorithm is acceptable.
-					// This will correctly disallow certain configurations (such as SSL_TLS under FIPS)
-					ctx.getSocketFactory().createSocket().close();
-					SSLConnectionSocketFactory sf = new SSLConnectionSocketFactory(ctx, hv);
-					setSSLSocketFactory(sf);
-
-					Registry<ConnectionSocketFactory> r = RegistryBuilder.<ConnectionSocketFactory>
create().register("https", sf).build();
-
-					return (pooled ? new PoolingHttpClientConnectionManager(r) : new BasicHttpClientConnectionManager(r));
-				} catch (Throwable t) {}
-			}
-		}
-
-			// Using pooling connection so that this client is threadsafe.
+	protected HttpClientConnectionManager createConnectionManager() throws KeyManagementException,
NoSuchAlgorithmException {
+		if (enableSsl) {
+			
+			HostnameVerifier hv = hostnameVerifier != null ? hostnameVerifier : new DefaultHostnameVerifier();
+			TrustManager[] tm = trustManagers;
+			String[] sslp = sslProtocols == null ? getDefaultProtocols() : sslProtocols;
+			SecureRandom sr = secureRandom;
+			KeyManager[] km = keyManagers;
+			String[] cs = cipherSuites;
+
+			RegistryBuilder<ConnectionSocketFactory> rb = RegistryBuilder.<ConnectionSocketFactory>create();
+			rb.register("http", PlainConnectionSocketFactory.getSocketFactory());
+			
+			SSLContext sslContext = org.apache.http.ssl.SSLContexts.custom().build();
+			sslContext.init(km, tm, sr);
+
+			SSLConnectionSocketFactory sslcsf = new SSLConnectionSocketFactory(sslContext, sslp, cs,
hv);
+			rb.register("https", sslcsf).build();
+			
+			return (pooled ? new PoolingHttpClientConnectionManager(rb.build()) : new BasicHttpClientConnectionManager(rb.build()));
+		}			
+		
+		// Using pooling connection so that this client is threadsafe.
 		return (pooled ? new PoolingHttpClientConnectionManager() : new BasicHttpClientConnectionManager());
 	}
-
+	
 	/**
 	 * Enable SSL support on this client.
 	 * 
-	 * @param opts
-	 * 	The SSL configuration options.
-	 * 	See {@link SSLOpts} for details.
-	 * 	This method is a no-op if <code>sslConfig</code> is <jk>null</jk>.
+	 * <p>
+	 * Used in conjunction with the following methods for setting up SSL parameters:
+	 * <ul class='doctree'>
+	 * 	<li class='jf'>{@link #sslProtocols(String...)}
+	 * 	<li class='jf'>{@link #cipherSuites(String...)}
+	 * 	<li class='jf'>{@link #hostnameVerifier(HostnameVerifier)}
+	 * 	<li class='jf'>{@link #keyManagers(KeyManager...)}
+	 * 	<li class='jf'>{@link #trustManagers(TrustManager...)}
+	 * 	<li class='jf'>{@link #secureRandom(SecureRandom)}
+	 * </ul>
+	 * 
 	 * @return This object (for method chaining).
 	 * @throws KeyStoreException
 	 * @throws NoSuchAlgorithmException
 	 */
-	public RestClientBuilder enableSSL(SSLOpts opts) throws KeyStoreException, NoSuchAlgorithmException
{
-		this.sslOpts = opts;
+	public RestClientBuilder enableSSL() throws KeyStoreException, NoSuchAlgorithmException
{
+		this.enableSsl = true;
 		return this;
 	}
 
@@ -208,17 +216,162 @@ public class RestClientBuilder extends BeanContextBuilder {
 	 * Enable LAX SSL support.
 	 * 
 	 * <p>
-	 * Certificate chain validation and hostname verification is disabled.
+	 * Same as calling the following:
+	 * <p class='bcode'>
+	 * 	builder
+	 * 		.enableSSL()
+	 * 		.hostnameVerifier(<jk>new</jk> NoopHostnameVerifier())
+	 * 		.trustManagers(<jk>new</jk> SimpleX509TrustManager(<jk>true</jk>));
+	 * </p>
 	 * 
 	 * @return This object (for method chaining).
 	 * @throws KeyStoreException
 	 * @throws NoSuchAlgorithmException
 	 */
 	public RestClientBuilder enableLaxSSL() throws KeyStoreException, NoSuchAlgorithmException
{
-		return enableSSL(SSLOpts.LAX);
+		this.enableSsl = true;
+		hostnameVerifier(new NoopHostnameVerifier());
+		trustManagers(new SimpleX509TrustManager(true));
+		return this;
+	}
+
+	/**
+	 * Supported SSL protocols.
+	 * 
+	 * <p>
+	 * This is the value passed to the <code>supportedProtocols</code> parameter
of the 
+	 * {@link SSLConnectionSocketFactory#SSLConnectionSocketFactory(SSLContext,String[],String[],HostnameVerifier)}

+	 * constructor.
+	 * 
+	 * <p>
+	 * The default value is taken from the system property <js>"transport.client.protocol"</js>.
+	 * <br>If system property is not defined, defaults to <code>{<js>"SSL_TLS"</js>,<js>"TLS"</js>,<js>"SSL"</js>}</code>.
+	 * 
+	 * <p>
+	 * This method is effectively ignored if {@link #enableSSL()} has not been called or the
client connection manager
+	 * has been defined via {@link #httpClientConnectionManager(HttpClientConnectionManager)}.
+	 * 
+	 * @param sslProtocols The supported SSL protocols.
+	 * @return This object (for method chaining).
+	 */
+	public RestClientBuilder sslProtocols(String...sslProtocols) {
+		this.sslProtocols = sslProtocols;
+		return this;
+	}
+	
+	/**
+	 * Supported cipher suites.
+	 * 
+	 * <p>
+	 * This is the value passed to the <code>supportedCipherSuites</code> parameter
of the 
+	 * {@link SSLConnectionSocketFactory#SSLConnectionSocketFactory(SSLContext,String[],String[],HostnameVerifier)}

+	 * constructor.
+	 * 
+	 * <p>
+	 * The default value is <jk>null</jk>.
+	 * 
+	 * <p>
+	 * This method is effectively ignored if {@link #enableSSL()} has not been called or the
client connection manager
+	 * has been defined via {@link #httpClientConnectionManager(HttpClientConnectionManager)}.
+	 * 
+	 * @param cipherSuites The supported cipher suites.
+	 * @return This object (for method chaining).
+	 */
+	public RestClientBuilder cipherSuites(String...cipherSuites) {
+		this.cipherSuites = cipherSuites;
+		return this;
+	}
+	
+	/**
+	 * Hostname verifier.
+	 * 
+	 * <p>
+	 * This is the value passed to the <code>hostnameVerifier</code> parameter of
the 
+	 * {@link SSLConnectionSocketFactory#SSLConnectionSocketFactory(SSLContext,String[],String[],HostnameVerifier)}

+	 * constructor.
+	 * 
+	 * <p>
+	 * The default value is <jk>null</jk>.
+	 * 
+	 * <p>
+	 * This method is effectively ignored if {@link #enableSSL()} has not been called or the
client connection manager
+	 * has been defined via {@link #httpClientConnectionManager(HttpClientConnectionManager)}.
+	 * 
+	 * @param hostnameVerifier The hostname verifier.
+	 * @return This object (for method chaining).
+	 */
+	public RestClientBuilder hostnameVerifier(HostnameVerifier hostnameVerifier) {
+		this.hostnameVerifier = hostnameVerifier;
+		return this;
 	}
 
 	/**
+	 * Key managers.
+	 * 
+	 * <p>
+	 * This is the value passed to the <code>keyManagers</code> parameter of the

+	 * {@link SSLContext#init(KeyManager[],TrustManager[],SecureRandom)} method.
+	 * 
+	 * <p>
+	 * The default value is <jk>null</jk>.
+	 * 
+	 * <p>
+	 * This method is effectively ignored if {@link #enableSSL()} has not been called or the
client connection manager
+	 * has been defined via {@link #httpClientConnectionManager(HttpClientConnectionManager)}.
+	 * 
+	 * @param keyManagers The key managers.
+	 * @return This object (for method chaining).
+	 */
+	public RestClientBuilder keyManagers(KeyManager...keyManagers) {
+		this.keyManagers = keyManagers;
+		return this;
+	}
+	
+	/**
+	 * Trust managers.
+	 * 
+	 * <p>
+	 * This is the value passed to the <code>trustManagers</code> parameter of the

+	 * {@link SSLContext#init(KeyManager[],TrustManager[],SecureRandom)} method.
+	 * 
+	 * <p>
+	 * The default value is <jk>null</jk>.
+	 * 
+	 * <p>
+	 * This method is effectively ignored if {@link #enableSSL()} has not been called or the
client connection manager
+	 * has been defined via {@link #httpClientConnectionManager(HttpClientConnectionManager)}.
+	 * 
+	 * @param trustManagers The trust managers.
+	 * @return This object (for method chaining).
+	 */
+	public RestClientBuilder trustManagers(TrustManager...trustManagers) {
+		this.trustManagers = trustManagers;
+		return this;
+	}
+
+	/**
+	 * Trust managers.
+	 * 
+	 * <p>
+	 * This is the value passed to the <code>random</code> parameter of the 
+	 * {@link SSLContext#init(KeyManager[],TrustManager[],SecureRandom)} method.
+	 * 
+	 * <p>
+	 * The default value is <jk>null</jk>.
+	 * 
+	 * <p>
+	 * This method is effectively ignored if {@link #enableSSL()} has not been called or the
client connection manager
+	 * has been defined via {@link #httpClientConnectionManager(HttpClientConnectionManager)}.
+	 * 
+	 * @param secureRandom The random number generator.
+	 * @return This object (for method chaining).
+	 */
+	public RestClientBuilder secureRandom(SecureRandom secureRandom) {
+		this.secureRandom = secureRandom;
+		return this;
+	}
+	
+	/**
 	 * Sets the client version by setting the value for the <js>"X-Client-Version"</js>
header.
 	 * 
 	 * @param version The version string (e.g. <js>"1.2.3"</js>)
@@ -264,7 +417,7 @@ public class RestClientBuilder extends BeanContextBuilder {
 		Credentials up = new UsernamePasswordCredentials(user, pw);
 		CredentialsProvider p = new BasicCredentialsProvider();
 		p.setCredentials(scope, up);
-		setDefaultCredentialsProvider(p);
+		defaultCredentialsProvider(p);
 		return this;
 	}
 
@@ -281,6 +434,16 @@ public class RestClientBuilder extends BeanContextBuilder {
 		return this;
 	}
 
+	/**
+	 * Sets the internal {@link HttpClientConnectionManager}.
+	 * 
+	 * @param httpClientConnectionManager The HTTP client connection manager.
+	 * @return This object (for method chaining).
+	 */
+	public RestClientBuilder httpClientConnectionManager(	HttpClientConnectionManager httpClientConnectionManager)
{
+		this.httpClientConnectionManager = httpClientConnectionManager;
+		return this;
+	}
 
 	//--------------------------------------------------------------------------------
 	// HTTP headers
@@ -2160,7 +2323,7 @@ public class RestClientBuilder extends BeanContextBuilder {
 	 * @return This object (for method chaining).
 	 * @see HttpClientBuilder#setRedirectStrategy(RedirectStrategy)
 	 */
-	public RestClientBuilder setRedirectStrategy(RedirectStrategy redirectStrategy) {
+	public RestClientBuilder redirectStrategy(RedirectStrategy redirectStrategy) {
 		httpClientBuilder.setRedirectStrategy(redirectStrategy);
 		return this;
 	}
@@ -2170,7 +2333,7 @@ public class RestClientBuilder extends BeanContextBuilder {
 	 * @return This object (for method chaining).
 	 * @see HttpClientBuilder#setDefaultCookieSpecRegistry(Lookup)
 	 */
-	public RestClientBuilder setDefaultCookieSpecRegistry(Lookup<CookieSpecProvider> cookieSpecRegistry)
{
+	public RestClientBuilder defaultCookieSpecRegistry(Lookup<CookieSpecProvider> cookieSpecRegistry)
{
 		httpClientBuilder.setDefaultCookieSpecRegistry(cookieSpecRegistry);
 		return this;
 	}
@@ -2180,7 +2343,7 @@ public class RestClientBuilder extends BeanContextBuilder {
 	 * @return This object (for method chaining).
 	 * @see HttpClientBuilder#setRequestExecutor(HttpRequestExecutor)
 	 */
-	public RestClientBuilder setRequestExecutor(HttpRequestExecutor requestExec) {
+	public RestClientBuilder requestExecutor(HttpRequestExecutor requestExec) {
 		httpClientBuilder.setRequestExecutor(requestExec);
 		return this;
 	}
@@ -2190,7 +2353,7 @@ public class RestClientBuilder extends BeanContextBuilder {
 	 * @return This object (for method chaining).
 	 * @see HttpClientBuilder#setSSLHostnameVerifier(HostnameVerifier)
 	 */
-	public RestClientBuilder setSSLHostnameVerifier(HostnameVerifier hostnameVerifier) {
+	public RestClientBuilder sslHostnameVerifier(HostnameVerifier hostnameVerifier) {
 		httpClientBuilder.setSSLHostnameVerifier(hostnameVerifier);
 		return this;
 	}
@@ -2200,7 +2363,7 @@ public class RestClientBuilder extends BeanContextBuilder {
 	 * @return This object (for method chaining).
 	 * @see HttpClientBuilder#setPublicSuffixMatcher(PublicSuffixMatcher)
 	 */
-	public RestClientBuilder setPublicSuffixMatcher(PublicSuffixMatcher publicSuffixMatcher)
{
+	public RestClientBuilder publicSuffixMatcher(PublicSuffixMatcher publicSuffixMatcher) {
 		httpClientBuilder.setPublicSuffixMatcher(publicSuffixMatcher);
 		return this;
 	}
@@ -2210,7 +2373,7 @@ public class RestClientBuilder extends BeanContextBuilder {
 	 * @return This object (for method chaining).
 	 * @see HttpClientBuilder#setSSLContext(SSLContext)
 	 */
-	public RestClientBuilder setSSLContext(SSLContext sslContext) {
+	public RestClientBuilder sslContext(SSLContext sslContext) {
 		httpClientBuilder.setSSLContext(sslContext);
 		return this;
 	}
@@ -2220,7 +2383,7 @@ public class RestClientBuilder extends BeanContextBuilder {
 	 * @return This object (for method chaining).
 	 * @see HttpClientBuilder#setSSLSocketFactory(LayeredConnectionSocketFactory)
 	 */
-	public RestClientBuilder setSSLSocketFactory(LayeredConnectionSocketFactory sslSocketFactory)
{
+	public RestClientBuilder sslSocketFactory(LayeredConnectionSocketFactory sslSocketFactory)
{
 		httpClientBuilder.setSSLSocketFactory(sslSocketFactory);
 		return this;
 	}
@@ -2230,7 +2393,7 @@ public class RestClientBuilder extends BeanContextBuilder {
 	 * @return This object (for method chaining).
 	 * @see HttpClientBuilder#setMaxConnTotal(int)
 	 */
-	public RestClientBuilder setMaxConnTotal(int maxConnTotal) {
+	public RestClientBuilder maxConnTotal(int maxConnTotal) {
 		httpClientBuilder.setMaxConnTotal(maxConnTotal);
 		return this;
 	}
@@ -2240,7 +2403,7 @@ public class RestClientBuilder extends BeanContextBuilder {
 	 * @return This object (for method chaining).
 	 * @see HttpClientBuilder#setMaxConnPerRoute(int)
 	 */
-	public RestClientBuilder setMaxConnPerRoute(int maxConnPerRoute) {
+	public RestClientBuilder maxConnPerRoute(int maxConnPerRoute) {
 		httpClientBuilder.setMaxConnPerRoute(maxConnPerRoute);
 		return this;
 	}
@@ -2250,7 +2413,7 @@ public class RestClientBuilder extends BeanContextBuilder {
 	 * @return This object (for method chaining).
 	 * @see HttpClientBuilder#setDefaultSocketConfig(SocketConfig)
 	 */
-	public RestClientBuilder setDefaultSocketConfig(SocketConfig config) {
+	public RestClientBuilder defaultSocketConfig(SocketConfig config) {
 		httpClientBuilder.setDefaultSocketConfig(config);
 		return this;
 	}
@@ -2260,7 +2423,7 @@ public class RestClientBuilder extends BeanContextBuilder {
 	 * @return This object (for method chaining).
 	 * @see HttpClientBuilder#setDefaultConnectionConfig(ConnectionConfig)
 	 */
-	public RestClientBuilder setDefaultConnectionConfig(ConnectionConfig config) {
+	public RestClientBuilder defaultConnectionConfig(ConnectionConfig config) {
 		httpClientBuilder.setDefaultConnectionConfig(config);
 		return this;
 	}
@@ -2271,7 +2434,7 @@ public class RestClientBuilder extends BeanContextBuilder {
 	 * @return This object (for method chaining).
 	 * @see HttpClientBuilder#setConnectionTimeToLive(long,TimeUnit)
 	 */
-	public RestClientBuilder setConnectionTimeToLive(long connTimeToLive, TimeUnit connTimeToLiveTimeUnit)
{
+	public RestClientBuilder connectionTimeToLive(long connTimeToLive, TimeUnit connTimeToLiveTimeUnit)
{
 		httpClientBuilder.setConnectionTimeToLive(connTimeToLive, connTimeToLiveTimeUnit);
 		return this;
 	}
@@ -2281,7 +2444,7 @@ public class RestClientBuilder extends BeanContextBuilder {
 	 * @return This object (for method chaining).
 	 * @see HttpClientBuilder#setConnectionManager(HttpClientConnectionManager)
 	 */
-	public RestClientBuilder setConnectionManager(HttpClientConnectionManager connManager) {
+	public RestClientBuilder connectionManager(HttpClientConnectionManager connManager) {
 		this.httpClientConnectionManager = connManager;
 		httpClientBuilder.setConnectionManager(connManager);
 		return this;
@@ -2292,7 +2455,7 @@ public class RestClientBuilder extends BeanContextBuilder {
 	 * @return This object (for method chaining).
 	 * @see HttpClientBuilder#setConnectionManagerShared(boolean)
 	 */
-	public RestClientBuilder setConnectionManagerShared(boolean shared) {
+	public RestClientBuilder connectionManagerShared(boolean shared) {
 		httpClientBuilder.setConnectionManagerShared(shared);
 		return this;
 	}
@@ -2302,7 +2465,7 @@ public class RestClientBuilder extends BeanContextBuilder {
 	 * @return This object (for method chaining).
 	 * @see HttpClientBuilder#setConnectionReuseStrategy(ConnectionReuseStrategy)
 	 */
-	public RestClientBuilder setConnectionReuseStrategy(ConnectionReuseStrategy reuseStrategy)
{
+	public RestClientBuilder connectionReuseStrategy(ConnectionReuseStrategy reuseStrategy)
{
 		httpClientBuilder.setConnectionReuseStrategy(reuseStrategy);
 		return this;
 	}
@@ -2312,7 +2475,7 @@ public class RestClientBuilder extends BeanContextBuilder {
 	 * @return This object (for method chaining).
 	 * @see HttpClientBuilder#setKeepAliveStrategy(ConnectionKeepAliveStrategy)
 	 */
-	public RestClientBuilder setKeepAliveStrategy(ConnectionKeepAliveStrategy keepAliveStrategy)
{
+	public RestClientBuilder keepAliveStrategy(ConnectionKeepAliveStrategy keepAliveStrategy)
{
 		httpClientBuilder.setKeepAliveStrategy(keepAliveStrategy);
 		return this;
 	}
@@ -2322,7 +2485,7 @@ public class RestClientBuilder extends BeanContextBuilder {
 	 * @return This object (for method chaining).
 	 * @see HttpClientBuilder#setTargetAuthenticationStrategy(AuthenticationStrategy)
 	 */
-	public RestClientBuilder setTargetAuthenticationStrategy(AuthenticationStrategy targetAuthStrategy)
{
+	public RestClientBuilder targetAuthenticationStrategy(AuthenticationStrategy targetAuthStrategy)
{
 		httpClientBuilder.setTargetAuthenticationStrategy(targetAuthStrategy);
 		return this;
 	}
@@ -2332,7 +2495,7 @@ public class RestClientBuilder extends BeanContextBuilder {
 	 * @return This object (for method chaining).
 	 * @see HttpClientBuilder#setProxyAuthenticationStrategy(AuthenticationStrategy)
 	 */
-	public RestClientBuilder setProxyAuthenticationStrategy(AuthenticationStrategy proxyAuthStrategy)
{
+	public RestClientBuilder proxyAuthenticationStrategy(AuthenticationStrategy proxyAuthStrategy)
{
 		httpClientBuilder.setProxyAuthenticationStrategy(proxyAuthStrategy);
 		return this;
 	}
@@ -2342,7 +2505,7 @@ public class RestClientBuilder extends BeanContextBuilder {
 	 * @return This object (for method chaining).
 	 * @see HttpClientBuilder#setUserTokenHandler(UserTokenHandler)
 	 */
-	public RestClientBuilder setUserTokenHandler(UserTokenHandler userTokenHandler) {
+	public RestClientBuilder userTokenHandler(UserTokenHandler userTokenHandler) {
 		httpClientBuilder.setUserTokenHandler(userTokenHandler);
 		return this;
 	}
@@ -2361,7 +2524,7 @@ public class RestClientBuilder extends BeanContextBuilder {
 	 * @return This object (for method chaining).
 	 * @see HttpClientBuilder#setSchemePortResolver(SchemePortResolver)
 	 */
-	public RestClientBuilder setSchemePortResolver(SchemePortResolver schemePortResolver) {
+	public RestClientBuilder schemePortResolver(SchemePortResolver schemePortResolver) {
 		httpClientBuilder.setSchemePortResolver(schemePortResolver);
 		return this;
 	}
@@ -2371,7 +2534,7 @@ public class RestClientBuilder extends BeanContextBuilder {
 	 * @return This object (for method chaining).
 	 * @see HttpClientBuilder#setUserAgent(String)
 	 */
-	public RestClientBuilder setUserAgent(String userAgent) {
+	public RestClientBuilder userAgent(String userAgent) {
 		httpClientBuilder.setUserAgent(userAgent);
 		return this;
 	}
@@ -2381,7 +2544,7 @@ public class RestClientBuilder extends BeanContextBuilder {
 	 * @return This object (for method chaining).
 	 * @see HttpClientBuilder#setDefaultHeaders(Collection)
 	 */
-	public RestClientBuilder setDefaultHeaders(Collection<? extends Header> defaultHeaders)
{
+	public RestClientBuilder defaultHeaders(Collection<? extends Header> defaultHeaders)
{
 		httpClientBuilder.setDefaultHeaders(defaultHeaders);
 		return this;
 	}
@@ -2458,7 +2621,7 @@ public class RestClientBuilder extends BeanContextBuilder {
 	 * @return This object (for method chaining).
 	 * @see HttpClientBuilder#setHttpProcessor(HttpProcessor)
 	 */
-	public RestClientBuilder setHttpProcessor(HttpProcessor httpprocessor) {
+	public RestClientBuilder httpProcessor(HttpProcessor httpprocessor) {
 		httpClientBuilder.setHttpProcessor(httpprocessor);
 		return this;
 	}
@@ -2468,7 +2631,7 @@ public class RestClientBuilder extends BeanContextBuilder {
 	 * @return This object (for method chaining).
 	 * @see HttpClientBuilder#setRetryHandler(HttpRequestRetryHandler)
 	 */
-	public RestClientBuilder setRetryHandler(HttpRequestRetryHandler retryHandler) {
+	public RestClientBuilder retryHandler(HttpRequestRetryHandler retryHandler) {
 		httpClientBuilder.setRetryHandler(retryHandler);
 		return this;
 	}
@@ -2487,7 +2650,7 @@ public class RestClientBuilder extends BeanContextBuilder {
 	 * @return This object (for method chaining).
 	 * @see HttpClientBuilder#setProxy(HttpHost)
 	 */
-	public RestClientBuilder setProxy(HttpHost proxy) {
+	public RestClientBuilder proxy(HttpHost proxy) {
 		httpClientBuilder.setProxy(proxy);
 		return this;
 	}
@@ -2497,7 +2660,7 @@ public class RestClientBuilder extends BeanContextBuilder {
 	 * @return This object (for method chaining).
 	 * @see HttpClientBuilder#setRoutePlanner(HttpRoutePlanner)
 	 */
-	public RestClientBuilder setRoutePlanner(HttpRoutePlanner routePlanner) {
+	public RestClientBuilder routePlanner(HttpRoutePlanner routePlanner) {
 		httpClientBuilder.setRoutePlanner(routePlanner);
 		return this;
 	}
@@ -2516,7 +2679,7 @@ public class RestClientBuilder extends BeanContextBuilder {
 	 * @return This object (for method chaining).
 	 * @see HttpClientBuilder#setConnectionBackoffStrategy(ConnectionBackoffStrategy)
 	 */
-	public RestClientBuilder setConnectionBackoffStrategy(ConnectionBackoffStrategy connectionBackoffStrategy)
{
+	public RestClientBuilder connectionBackoffStrategy(ConnectionBackoffStrategy connectionBackoffStrategy)
{
 		httpClientBuilder.setConnectionBackoffStrategy(connectionBackoffStrategy);
 		return this;
 	}
@@ -2526,7 +2689,7 @@ public class RestClientBuilder extends BeanContextBuilder {
 	 * @return This object (for method chaining).
 	 * @see HttpClientBuilder#setBackoffManager(BackoffManager)
 	 */
-	public RestClientBuilder setBackoffManager(BackoffManager backoffManager) {
+	public RestClientBuilder backoffManager(BackoffManager backoffManager) {
 		httpClientBuilder.setBackoffManager(backoffManager);
 		return this;
 	}
@@ -2536,7 +2699,7 @@ public class RestClientBuilder extends BeanContextBuilder {
 	 * @return This object (for method chaining).
 	 * @see HttpClientBuilder#setServiceUnavailableRetryStrategy(ServiceUnavailableRetryStrategy)
 	 */
-	public RestClientBuilder setServiceUnavailableRetryStrategy(ServiceUnavailableRetryStrategy
serviceUnavailStrategy) {
+	public RestClientBuilder serviceUnavailableRetryStrategy(ServiceUnavailableRetryStrategy
serviceUnavailStrategy) {
 		httpClientBuilder.setServiceUnavailableRetryStrategy(serviceUnavailStrategy);
 		return this;
 	}
@@ -2546,7 +2709,7 @@ public class RestClientBuilder extends BeanContextBuilder {
 	 * @return This object (for method chaining).
 	 * @see HttpClientBuilder#setDefaultCookieStore(CookieStore)
 	 */
-	public RestClientBuilder setDefaultCookieStore(CookieStore cookieStore) {
+	public RestClientBuilder defaultCookieStore(CookieStore cookieStore) {
 		httpClientBuilder.setDefaultCookieStore(cookieStore);
 		return this;
 	}
@@ -2556,7 +2719,7 @@ public class RestClientBuilder extends BeanContextBuilder {
 	 * @return This object (for method chaining).
 	 * @see HttpClientBuilder#setDefaultCredentialsProvider(CredentialsProvider)
 	 */
-	public RestClientBuilder setDefaultCredentialsProvider(CredentialsProvider credentialsProvider)
{
+	public RestClientBuilder defaultCredentialsProvider(CredentialsProvider credentialsProvider)
{
 		httpClientBuilder.setDefaultCredentialsProvider(credentialsProvider);
 		return this;
 	}
@@ -2566,7 +2729,7 @@ public class RestClientBuilder extends BeanContextBuilder {
 	 * @return This object (for method chaining).
 	 * @see HttpClientBuilder#setDefaultAuthSchemeRegistry(Lookup)
 	 */
-	public RestClientBuilder setDefaultAuthSchemeRegistry(Lookup<AuthSchemeProvider> authSchemeRegistry)
{
+	public RestClientBuilder defaultAuthSchemeRegistry(Lookup<AuthSchemeProvider> authSchemeRegistry)
{
 		httpClientBuilder.setDefaultAuthSchemeRegistry(authSchemeRegistry);
 		return this;
 	}
@@ -2576,7 +2739,7 @@ public class RestClientBuilder extends BeanContextBuilder {
 	 * @return This object (for method chaining).
 	 * @see HttpClientBuilder#setContentDecoderRegistry(Map)
 	 */
-	public RestClientBuilder setContentDecoderRegistry(Map<String,InputStreamFactory>
contentDecoderMap) {
+	public RestClientBuilder contentDecoderRegistry(Map<String,InputStreamFactory> contentDecoderMap)
{
 		httpClientBuilder.setContentDecoderRegistry(contentDecoderMap);
 		return this;
 	}
@@ -2586,7 +2749,7 @@ public class RestClientBuilder extends BeanContextBuilder {
 	 * @return This object (for method chaining).
 	 * @see HttpClientBuilder#setDefaultRequestConfig(RequestConfig)
 	 */
-	public RestClientBuilder setDefaultRequestConfig(RequestConfig config) {
+	public RestClientBuilder defaultRequestConfig(RequestConfig config) {
 		httpClientBuilder.setDefaultRequestConfig(config);
 		return this;
 	}
@@ -2619,4 +2782,11 @@ public class RestClientBuilder extends BeanContextBuilder {
 		httpClientBuilder.evictIdleConnections(maxIdleTime, maxIdleTimeUnit);
 		return this;
 	}
+	
+	private static String[] getDefaultProtocols() {
+		String sp = System.getProperty("transport.client.protocol");
+		if (isEmpty(sp))
+			return new String[] {"SSL_TLS","TLS","SSL"};
+		return StringUtils.split(sp, ',');
+	}
 }
diff --git a/juneau-rest/juneau-rest-client/src/main/java/org/apache/juneau/rest/client/SSLOpts.java
b/juneau-rest/juneau-rest-client/src/main/java/org/apache/juneau/rest/client/SSLOpts.java
deleted file mode 100644
index 1728c74..0000000
--- a/juneau-rest/juneau-rest-client/src/main/java/org/apache/juneau/rest/client/SSLOpts.java
+++ /dev/null
@@ -1,186 +0,0 @@
-// ***************************************************************************************************************************
-// * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
agreements.  See the NOTICE file *
-// * distributed with this work for additional information regarding copyright ownership.
 The ASF licenses this file        *
-// * to you under the Apache License, Version 2.0 (the "License"); you may not use this file
except in compliance            *
-// * with the License.  You may obtain a copy of the License at                         
                                    *
-// *                                                                                    
                                    *
-// *  http://www.apache.org/licenses/LICENSE-2.0                                        
                                    *
-// *                                                                                    
                                    *
-// * Unless required by applicable law or agreed to in writing, software distributed under
the License is distributed on an  *
-// * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the        *
-// * specific language governing permissions and limitations under the License.         
                                    *
-// ***************************************************************************************************************************
-package org.apache.juneau.rest.client;
-
-import static org.apache.juneau.internal.StringUtils.*;
-
-/**
- * SSL configuration options that get passed to {@link RestClientBuilder#enableSSL(SSLOpts)}.
- */
-public class SSLOpts {
-
-	private String protocols = getDefaultProtocols();
-	private CertValidate certValidate = CertValidate.DEFAULT;
-	private HostVerify hostVerify = HostVerify.DEFAULT;
-
-	/**
-	 * Reusable SSL options for lenient SSL (no cert validation or hostname verification).
-	 */
-	public static final SSLOpts LAX = new SSLOpts(null, CertValidate.LAX, HostVerify.LAX);
-
-	/**
-	 * Reusable SSL options for normal SSL (default cert validation and hostname verification).
-	 */
-	public static final SSLOpts DEFAULT = new SSLOpts(null, CertValidate.DEFAULT, HostVerify.DEFAULT);
-
-	/**
-	 * Constructor.
-	 */
-	public SSLOpts() {}
-
-	/**
-	 * Constructor.
-	 * 
-	 * @param protocols
-	 * 	A comma-delimited list of supported SSL protocols.
-	 * 	If <jk>null</jk>, uses the value returned by {@link #getDefaultProtocols()}.
-	 * @param certValidate Certificate validation setting.
-	 * @param hostVerify Host verification setting.
-	 */
-	public SSLOpts(String protocols, CertValidate certValidate, HostVerify hostVerify) {
-		if (protocols != null)
-			this.protocols = protocols;
-		this.certValidate = certValidate;
-		this.hostVerify = hostVerify;
-	}
-
-	/**
-	 * Returns the default list of SSL protocols to support when the <code>protocols</code>
parameter on the constructor
-	 * is <jk>null</jk>.
-	 * 
-	 * <p>
-	 * The default value is <jk>"SSL_TLS,TLS,SSL"</js> unless overridden by one
of the following system properties:
-	 * <ul>
-	 * 	<li><js>"transport.client.protocol"</js>
-	 * </ul>
-	 * 
-	 * <p>
-	 * Subclasses can override this method to provide their own logic for determining default
supported protocols.
-	 * 
-	 * @return The comma-delimited list of supported protocols.
-	 */
-	protected String getDefaultProtocols() {
-		String sp = System.getProperty("transport.client.protocol");
-		if (isEmpty(sp))
-			sp = "SSL_TLS,TLS,SSL";
-		return sp;
-	}
-
-
-	//--------------------------------------------------------------------------------
-	// Bean properties
-	//--------------------------------------------------------------------------------
-
-	/**
-	 * Bean property getter:  <property>protocols</property>.
-	 * 
-	 * @return The value of the <property>protocols</property> property on this
bean, or <jk>null</jk> if it is not set.
-	 */
-	public String getProtocols() {
-		return protocols;
-	}
-
-	/**
-	 * Bean property setter:  <property>protocols</property>.
-	 * 
-	 * @param protocols The new value for the <property>protocols</property> property
on this bean.
-	 * @return This object (for method chaining).
-	 */
-	public SSLOpts setProtocols(String protocols) {
-		this.protocols = protocols;
-		return this;
-	}
-
-	/**
-	 * Bean property getter:  <property>certValidate</property>.
-	 * 
-	 * @return The value of the <property>certValidate</property> property on this
bean, or <jk>null</jk> if it is not set.
-	 */
-	public CertValidate getCertValidate() {
-		return certValidate;
-	}
-
-	/**
-	 * Bean property setter:  <property>certValidate</property>.
-	 * 
-	 * @param certValidate The new value for the <property>certValidate</property>
property on this bean.
-	 * @return This object (for method chaining).
-	 */
-	public SSLOpts setCertValidate(CertValidate certValidate) {
-		this.certValidate = certValidate;
-		return this;
-	}
-
-	/**
-	 * Bean property getter:  <property>hostVerify</property>.
-	 * 
-	 * @return The value of the <property>hostVerify</property> property on this
bean, or <jk>null</jk> if it is not set.
-	 */
-	public HostVerify getHostVerify() {
-		return hostVerify;
-	}
-
-	/**
-	 * Bean property setter:  <property>hostVerify</property>.
-	 * 
-	 * @param hostVerify The new value for the <property>hostVerify</property> property
on this bean.
-	 * @return This object (for method chaining).
-	 */
-	public SSLOpts setHostVerify(HostVerify hostVerify) {
-		this.hostVerify = hostVerify;
-		return this;
-	}
-
-
-	//--------------------------------------------------------------------------------
-	// Enums
-	//--------------------------------------------------------------------------------
-
-	/**
-	 * Certificate validation options.
-	 * 
-	 * <p>
-	 * Used as enum for {@link SSLOpts#getCertValidate()} property.
-	 */
-	public static enum CertValidate {
-
-		/**
-		 * Verify that the certificate is valid, but allow for self-signed certificates.
-		 */
-		LAX,
-
-		/**
-		 * Do normal certificate chain validation.
-		 */
-		DEFAULT
-	}
-
-	/**
-	 * Certificate host verification options.
-	 * 
-	 * <p>
-	 * Used as enum for {@link SSLOpts#getHostVerify()} property.
-	 */
-	public enum HostVerify {
-
-		/**
-		 * Don't verify the hostname in the certificate.
-		 */
-		LAX,
-
-		/**
-		 * Do normal hostname verification.
-		 */
-		DEFAULT
-	}
-}

-- 
To stop receiving notification emails like this one, please contact
jamesbognar@apache.org.

Mime
View raw message