public abstract class HttpsURLConnection extends HttpURLConnection
HttpsURLConnection
extends HttpURLConnection
with support for https-specific features.
See http://www.w3.org/pub/WWW/Protocols/ and RFC 2818 for more details on the https specification.
This class uses HostnameVerifier
and
SSLSocketFactory
.
There are default implementations defined for both classes.
However, the implementations can be replaced on a per-class (static) or
per-instance basis. All new HttpsURLConnection
s instances
will be assigned
the "default" static values at instance creation, but they can be overriden
by calling the appropriate per-instance set method(s) before
connect
ing.
Modifier and Type | Field and Description |
---|---|
protected HostnameVerifier |
hostnameVerifier
The
hostnameVerifier for this object. |
chunkLength, fixedContentLength, fixedContentLengthLong, HTTP_ACCEPTED, HTTP_BAD_GATEWAY, HTTP_BAD_METHOD, HTTP_BAD_REQUEST, HTTP_CLIENT_TIMEOUT, HTTP_CONFLICT, HTTP_CREATED, HTTP_ENTITY_TOO_LARGE, HTTP_FORBIDDEN, HTTP_GATEWAY_TIMEOUT, HTTP_GONE, HTTP_INTERNAL_ERROR, HTTP_LENGTH_REQUIRED, HTTP_MOVED_PERM, HTTP_MOVED_TEMP, HTTP_MULT_CHOICE, HTTP_NO_CONTENT, HTTP_NOT_ACCEPTABLE, HTTP_NOT_AUTHORITATIVE, HTTP_NOT_FOUND, HTTP_NOT_IMPLEMENTED, HTTP_NOT_MODIFIED, HTTP_OK, HTTP_PARTIAL, HTTP_PAYMENT_REQUIRED, HTTP_PRECON_FAILED, HTTP_PROXY_AUTH, HTTP_REQ_TOO_LONG, HTTP_RESET, HTTP_SEE_OTHER, HTTP_SERVER_ERROR, HTTP_UNAUTHORIZED, HTTP_UNAVAILABLE, HTTP_UNSUPPORTED_TYPE, HTTP_USE_PROXY, HTTP_VERSION, instanceFollowRedirects, method, responseCode, responseMessage
allowUserInteraction, connected, doInput, doOutput, ifModifiedSince, url, useCaches
Modifier | Constructor and Description |
---|---|
protected |
HttpsURLConnection(URL url)
Creates an
HttpsURLConnection using the
URL specified. |
Modifier and Type | Method and Description |
---|---|
abstract String |
getCipherSuite()
Returns the cipher suite in use on this connection.
|
static HostnameVerifier |
getDefaultHostnameVerifier()
Gets the default
HostnameVerifier that is inherited
by new instances of this class. |
static SSLSocketFactory |
getDefaultSSLSocketFactory()
Gets the default static
SSLSocketFactory that is
inherited by new instances of this class. |
HostnameVerifier |
getHostnameVerifier()
Gets the
HostnameVerifier in place on this instance. |
abstract Certificate[] |
getLocalCertificates()
Returns the certificate(s) that were sent to the server during
handshaking.
|
Principal |
getLocalPrincipal()
Returns the principal that was sent to the server during handshaking.
|
Principal |
getPeerPrincipal()
Returns the server's principal which was established as part of
defining the session.
|
abstract Certificate[] |
getServerCertificates()
Returns the server's certificate chain which was established
as part of defining the session.
|
SSLSocketFactory |
getSSLSocketFactory()
Gets the SSL socket factory to be used when creating sockets
for secure https URL connections.
|
static void |
setDefaultHostnameVerifier(HostnameVerifier v)
Sets the default
HostnameVerifier inherited by a
new instance of this class. |
static void |
setDefaultSSLSocketFactory(SSLSocketFactory sf)
Sets the default
SSLSocketFactory inherited by new
instances of this class. |
void |
setHostnameVerifier(HostnameVerifier v)
Sets the
HostnameVerifier for this instance. |
void |
setSSLSocketFactory(SSLSocketFactory sf)
Sets the
SSLSocketFactory to be used when this instance
creates sockets for secure https URL connections. |
disconnect, getErrorStream, getFollowRedirects, getHeaderField, getHeaderFieldDate, getHeaderFieldKey, getInstanceFollowRedirects, getPermission, getRequestMethod, getResponseCode, getResponseMessage, setChunkedStreamingMode, setFixedLengthStreamingMode, setFixedLengthStreamingMode, setFollowRedirects, setInstanceFollowRedirects, setRequestMethod, usingProxy
addRequestProperty, connect, getAllowUserInteraction, getConnectTimeout, getContent, getContent, getContentEncoding, getContentLength, getContentLengthLong, getContentType, getDate, getDefaultAllowUserInteraction, getDefaultRequestProperty, getDefaultUseCaches, getDoInput, getDoOutput, getExpiration, getFileNameMap, getHeaderField, getHeaderFieldInt, getHeaderFieldLong, getHeaderFields, getIfModifiedSince, getInputStream, getLastModified, getOutputStream, getReadTimeout, getRequestProperties, getRequestProperty, getURL, getUseCaches, guessContentTypeFromName, guessContentTypeFromStream, setAllowUserInteraction, setConnectTimeout, setContentHandlerFactory, setDefaultAllowUserInteraction, setDefaultRequestProperty, setDefaultUseCaches, setDoInput, setDoOutput, setFileNameMap, setIfModifiedSince, setReadTimeout, setRequestProperty, setUseCaches, toString
protected HostnameVerifier hostnameVerifier
hostnameVerifier
for this object.protected HttpsURLConnection(URL url)
HttpsURLConnection
using the
URL specified.url
- the URLpublic abstract String getCipherSuite()
IllegalStateException
- if this method is called before
the connection has been established.public abstract Certificate[] getLocalCertificates()
Note: This method is useful only when using certificate-based cipher suites.
When multiple certificates are available for use in a handshake, the implementation chooses what it considers the "best" certificate chain available, and transmits that to the other side. This method allows the caller to know which certificate chain was actually sent.
IllegalStateException
- if this method is called before
the connection has been established.getLocalPrincipal()
public abstract Certificate[] getServerCertificates() throws SSLPeerUnverifiedException
Note: This method can be used only when using certificate-based cipher suites; using it with non-certificate-based cipher suites, such as Kerberos, will throw an SSLPeerUnverifiedException.
SSLPeerUnverifiedException
- if the peer is not verified.IllegalStateException
- if this method is called before
the connection has been established.getPeerPrincipal()
public Principal getPeerPrincipal() throws SSLPeerUnverifiedException
Note: Subclasses should override this method. If not overridden, it will default to returning the X500Principal of the server's end-entity certificate for certificate-based ciphersuites, or throw an SSLPeerUnverifiedException for non-certificate based ciphersuites, such as Kerberos.
SSLPeerUnverifiedException
- if the peer was not verifiedIllegalStateException
- if this method is called before
the connection has been established.getServerCertificates()
,
getLocalPrincipal()
public Principal getLocalPrincipal()
Note: Subclasses should override this method. If not overridden, it will default to returning the X500Principal of the end-entity certificate that was sent to the server for certificate-based ciphersuites or, return null for non-certificate based ciphersuites, such as Kerberos.
IllegalStateException
- if this method is called before
the connection has been established.getLocalCertificates()
,
getPeerPrincipal()
public static void setDefaultHostnameVerifier(HostnameVerifier v)
HostnameVerifier
inherited by a
new instance of this class.
If this method is not called, the default
HostnameVerifier
assumes the connection should not
be permitted.
v
- the default host name verifierIllegalArgumentException
- if the HostnameVerifier
parameter is null.SecurityException
- if a security manager exists and its
checkPermission
method does not allow
SSLPermission("setHostnameVerifier")
getDefaultHostnameVerifier()
public static HostnameVerifier getDefaultHostnameVerifier()
HostnameVerifier
that is inherited
by new instances of this class.setDefaultHostnameVerifier(HostnameVerifier)
public void setHostnameVerifier(HostnameVerifier v)
HostnameVerifier
for this instance.
New instances of this class inherit the default static hostname
verifier set by setDefaultHostnameVerifier
. Calls to this method replace
this object's HostnameVerifier
.
v
- the host name verifierIllegalArgumentException
- if the HostnameVerifier
parameter is null.getHostnameVerifier()
,
setDefaultHostnameVerifier(HostnameVerifier)
public HostnameVerifier getHostnameVerifier()
HostnameVerifier
in place on this instance.setHostnameVerifier(HostnameVerifier)
,
setDefaultHostnameVerifier(HostnameVerifier)
public static void setDefaultSSLSocketFactory(SSLSocketFactory sf)
SSLSocketFactory
inherited by new
instances of this class.
The socket factories are used when creating sockets for secure https URL connections.
sf
- the default SSL socket factoryIllegalArgumentException
- if the SSLSocketFactory
parameter is null.SecurityException
- if a security manager exists and its
checkSetFactory
method does not allow
a socket factory to be specified.getDefaultSSLSocketFactory()
public static SSLSocketFactory getDefaultSSLSocketFactory()
SSLSocketFactory
that is
inherited by new instances of this class.
The socket factories are used when creating sockets for secure https URL connections.
SSLSocketFactory
setDefaultSSLSocketFactory(SSLSocketFactory)
public void setSSLSocketFactory(SSLSocketFactory sf)
SSLSocketFactory
to be used when this instance
creates sockets for secure https URL connections.
New instances of this class inherit the default static
SSLSocketFactory
set by
setDefaultSSLSocketFactory
. Calls to this method replace
this object's SSLSocketFactory
.
sf
- the SSL socket factoryIllegalArgumentException
- if the SSLSocketFactory
parameter is null.SecurityException
- if a security manager exists and its
checkSetFactory
method does not allow
a socket factory to be specified.getSSLSocketFactory()
public SSLSocketFactory getSSLSocketFactory()
SSLSocketFactory
setSSLSocketFactory(SSLSocketFactory)
Submit a bug or feature
For further API reference and developer documentation, see Java SE Documentation. That documentation contains more detailed, developer-targeted descriptions, with conceptual overviews, definitions of terms, workarounds, and working code examples.
Copyright © 1993, 2025, Oracle and/or its affiliates. All rights reserved. Use is subject to license terms. Also see the documentation redistribution policy.