Package org.apache.commons.net.ftp
Class FTPSClient
java.lang.Object
org.apache.commons.net.SocketClient
org.apache.commons.net.ftp.FTP
org.apache.commons.net.ftp.FTPClient
org.apache.commons.net.ftp.FTPSClient
- All Implemented Interfaces:
- Configurable
FTP over SSL processing. If desired, the JVM property -Djavax.net.debug=all can be used to see wire-level SSL details.
 Warning: the hostname is not verified against the certificate by default, use 
setHostnameVerifier(HostnameVerifier) or
 setEndpointCheckingEnabled(boolean) (on Java 1.7+) to enable verification. Verification is only performed on client mode connections.- Since:
- 2.0
- 
Nested Class SummaryNested classes/interfaces inherited from class org.apache.commons.net.ftp.FTPClientFTPClient.HostnameResolver, FTPClient.NatServerResolverImpl
- 
Field SummaryFieldsModifier and TypeFieldDescriptionstatic final intDefault FTPS data port.static final intDefault FTPS port.static StringDeprecated.- not used - may be removed in a future releasestatic StringDeprecated.- not used - may be removed in a future releasestatic StringDeprecated.- not used - may be removed in a future releasestatic StringDeprecated.- not used - may be removed in a future releaseFields inherited from class org.apache.commons.net.ftp.FTPClientACTIVE_LOCAL_DATA_CONNECTION_MODE, ACTIVE_REMOTE_DATA_CONNECTION_MODE, FTP_IP_ADDRESS_FROM_PASV_RESPONSE, FTP_SYSTEM_TYPE, FTP_SYSTEM_TYPE_DEFAULT, PASSIVE_LOCAL_DATA_CONNECTION_MODE, PASSIVE_REMOTE_DATA_CONNECTION_MODE, SYSTEM_TYPE_PROPERTIESFields inherited from class org.apache.commons.net.ftp.FTP_commandSupport_, _controlEncoding, _controlInput_, _controlOutput_, _newReplyString, _replyCode, _replyLines, _replyString, ASCII_FILE_TYPE, BINARY_FILE_TYPE, BLOCK_TRANSFER_MODE, CARRIAGE_CONTROL_TEXT_FORMAT, COMPRESSED_TRANSFER_MODE, DEFAULT_CONTROL_ENCODING, DEFAULT_DATA_PORT, DEFAULT_PORT, DEFLATE_TRANSFER_MODE, EBCDIC_FILE_TYPE, FILE_STRUCTURE, LOCAL_FILE_TYPE, NON_PRINT_TEXT_FORMAT, PAGE_STRUCTURE, RECORD_STRUCTURE, REPLY_CODE_LEN, STREAM_TRANSFER_MODE, strictMultilineParsing, TELNET_TEXT_FORMATFields inherited from class org.apache.commons.net.SocketClient_defaultPort_, _hostname_, _input_, _output_, _serverSocketFactory_, _socket_, _socketFactory_, _timeout_, connectTimeout, NETASCII_EOL, remoteInetSocketAddress
- 
Constructor SummaryConstructorsConstructorDescriptionConstructor for FTPSClient, callsFTPSClient(String, boolean).FTPSClient(boolean isImplicit) Constructor for FTPSClient, usingDEFAULT_PROTOCOL- i.e.FTPSClient(boolean isImplicit, SSLContext context) Constructor for FTPSClient, usingDEFAULT_PROTOCOL- i.e.FTPSClient(String protocol) Constructor for FTPSClient, using explicit mode, callsFTPSClient(String, boolean).FTPSClient(String protocol, boolean isImplicit) Constructor for FTPSClient allowing specification of protocol and security mode.FTPSClient(SSLContext context) Constructor for FTPSClient, usingDEFAULT_PROTOCOL- i.e.
- 
Method SummaryModifier and TypeMethodDescriptionprotected voidBecause there are so many connect() methods, the _connectAction_() method is provided as a means of performing some action immediately after establishing a connection, rather than reimplementing all the connect() methods.protected Socket_openDataConnection_(int command, String arg) Deprecated.(3.3) UseFTPClient._openDataConnection_(FTPCmd, String)insteadprotected Socket_openDataConnection_(String command, String arg) Returns a socket of the data connection.protected void_prepareDataSocket_(Socket socket) Performs any custom initialization for a newly created SSLSocket (before the SSL handshake happens).voidCloses the connection to the FTP server and restores connection parameters to the default values.intexecADAT(byte[] data) Sends the ADAT command with the specified authentication data.protected voidexecAUTH()Sends the AUTH command.intSends the AUTH command with the specified mechanism.intexecCCC()Sends the CCC command to the server.intexecCONF(byte[] data) Sends the CONF command with the specified data.intexecENC(byte[] data) Sends the ENC command with the specified data.intexecMIC(byte[] data) Sends the MIC command with the specified data.voidexecPBSZ(long pbsz) PBSZ command.voidPROT command.Return AUTH command use value.String[]Returns the names of the cipher suites which could be enabled for use on this connection.String[]Returns the names of the protocol versions which are currently enabled for use on this connection.booleanReturns true if new SSL sessions may be established by this socket.Gets the currently configuredHostnameVerifier.booleanReturns true if the socket will require client authentication.protected StringGets the secure socket protocol to be used, e.g.protected String[]Gets the protocol versions.protected String[]Gets the cipher suites.Gets the currently configuredTrustManager.booleanReturns true if the socket is set to use client mode in its first handshake.booleanReturns true if the socket will request client authentication.protected booleanGets the use client mode flag.protected booleanGets whether a new SSL session may be established by this socket.booleanReturn whether or not endpoint identification using the HTTPS algorithm on Java 1.7+ is enabled.protected booleanGets the security mode.protected booleanGets the need client auth flag.protected booleanGets the want client auth flag.byte[]parseADATReply(String reply) Parses the given ADAT response line and base64-decodes the data.longparsePBSZ(long pbsz) PBSZ command.intsendCommand(String command, String args) Send an FTP command.voidsetAuthValue(String auth) Sets AUTH command use value.voidsetEnabledCipherSuites(String[] cipherSuites) Controls which particular cipher suites are enabled for use on this connection.voidsetEnabledProtocols(String[] protocolVersions) Controls which particular protocol versions are enabled for use on this connection.voidsetEnabledSessionCreation(boolean isCreation) Controls whether a new SSL session may be established by this socket.voidsetEndpointCheckingEnabled(boolean enable) Automatic endpoint identification checking using the HTTPS algorithm is supported on Java 1.7+.voidsetHostnameVerifier(HostnameVerifier newHostnameVerifier) Override the defaultHostnameVerifierto use.voidsetKeyManager(KeyManager keyManager) Sets aKeyManagerto usevoidsetNeedClientAuth(boolean isNeedClientAuth) Configures the socket to require client authentication.voidsetTrustManager(TrustManager trustManager) Override the defaultTrustManagerto use; if set tonull, the default TrustManager from the JVM will be used.voidsetUseClientMode(boolean isClientMode) Configures the socket to use client (or server) mode in its first handshake.voidsetWantClientAuth(boolean isWantClientAuth) Configures the socket to request client authentication, but only if such a request is appropriate to the cipher suite negotiated.protected voidSSL/TLS negotiation.Methods inherited from class org.apache.commons.net.ftp.FTPClient_connectAction_, _openDataConnection_, _parseExtendedPassiveModeReply, _parsePassiveModeReply, _retrieveFile, _retrieveFileStream, _storeFile, _storeFileStream, abort, allocate, allocate, allocate, allocate, appendFile, appendFileStream, changeToParentDirectory, changeWorkingDirectory, completePendingCommand, configure, deleteFile, doCommand, doCommandAsStrings, enterLocalActiveMode, enterLocalPassiveMode, enterRemoteActiveMode, enterRemotePassiveMode, features, featureValue, featureValues, getAutodetectUTF8, getBufferSize, getControlKeepAliveReplyTimeout, getControlKeepAliveReplyTimeoutDuration, getControlKeepAliveTimeout, getControlKeepAliveTimeoutDuration, getCopyStreamListener, getCslDebug, getDataConnectionMode, getDataTimeout, getListArguments, getListHiddenFiles, getModificationTime, getPassiveHost, getPassiveLocalIPAddress, getPassivePort, getReceiveDataSocketBufferSize, getRestartOffset, getSendDataSocketBufferSize, getSize, getStatus, getStatus, getSystemName, getSystemType, hasFeature, hasFeature, hasFeature, initiateListParsing, initiateListParsing, initiateListParsing, initiateMListParsing, initiateMListParsing, isIpAddressFromPasvResponse, isRemoteVerificationEnabled, isUseEPSVwithIPv4, listDirectories, listDirectories, listFiles, listFiles, listFiles, listHelp, listHelp, listNames, listNames, login, login, logout, makeDirectory, mdtmCalendar, mdtmFile, mdtmInstant, mlistDir, mlistDir, mlistDir, mlistFile, printWorkingDirectory, reinitialize, remoteAppend, remoteRetrieve, remoteStore, remoteStoreUnique, remoteStoreUnique, removeDirectory, rename, restart, retrieveFile, retrieveFileStream, sendNoOp, sendSiteCommand, setActiveExternalIPAddress, setActivePortRange, setAutodetectUTF8, setBufferSize, setControlKeepAliveReplyTimeout, setControlKeepAliveReplyTimeout, setControlKeepAliveTimeout, setControlKeepAliveTimeout, setCopyStreamListener, setDataTimeout, setDataTimeout, setFileStructure, setFileTransferMode, setFileType, setFileType, setIpAddressFromPasvResponse, setListHiddenFiles, setModificationTime, setParserFactory, setPassiveLocalIPAddress, setPassiveLocalIPAddress, setPassiveNatWorkaround, setPassiveNatWorkaroundStrategy, setReceieveDataSocketBufferSize, setRemoteVerificationEnabled, setReportActiveExternalIPAddress, setRestartOffset, setSendDataSocketBufferSize, setUseEPSVwithIPv4, storeFile, storeFileStream, storeUniqueFile, storeUniqueFile, storeUniqueFileStream, storeUniqueFileStream, structureMountMethods inherited from class org.apache.commons.net.ftp.FTP__getReplyNoReport, __noop, abor, acct, allo, allo, allo, allo, appe, cdup, cwd, dele, eprt, epsv, feat, getCommandSupport, getControlEncoding, getReply, getReplyCode, getReplyString, getReplyStrings, help, help, isStrictMultilineParsing, isStrictReplyParsing, list, list, mdtm, mfmt, mkd, mlsd, mlsd, mlst, mlst, mode, nlst, nlst, noop, pass, pasv, port, pwd, quit, rein, rest, retr, rmd, rnfr, rnto, sendCommand, sendCommand, sendCommand, sendCommand, sendCommand, setControlEncoding, setStrictMultilineParsing, setStrictReplyParsing, site, size, smnt, stat, stat, stor, stou, stou, stru, syst, type, type, userMethods inherited from class org.apache.commons.net.SocketClientaddProtocolCommandListener, applySocketAttributes, checkOpenOutputStream, connect, connect, connect, connect, connect, connect, createCommandSupport, fireCommandSent, fireReplyReceived, getCharset, getCharsetName, getConnectTimeout, getDefaultPort, getDefaultTimeout, getKeepAlive, getLocalAddress, getLocalPort, getProxy, getReceiveBufferSize, getRemoteAddress, getRemoteInetSocketAddress, getRemotePort, getSendBufferSize, getServerSocketFactory, getSoLinger, getSoTimeout, getTcpNoDelay, isAvailable, isConnected, removeProtocolCommandListener, setCharset, setConnectTimeout, setDefaultPort, setDefaultTimeout, setKeepAlive, setProxy, setReceiveBufferSize, setSendBufferSize, setServerSocketFactory, setSocketFactory, setSoLinger, setSoTimeout, setTcpNoDelay, verifyRemote
- 
Field Details- 
DEFAULT_FTPS_DATA_PORTDefault FTPS data port.- See Also:
 
- 
DEFAULT_FTPS_PORTDefault FTPS port.- See Also:
 
- 
KEYSTORE_ALGORITHMDeprecated.- not used - may be removed in a future release
- 
TRUSTSTORE_ALGORITHMDeprecated.- not used - may be removed in a future release
- 
PROVIDERDeprecated.- not used - may be removed in a future release
- 
STORE_TYPEDeprecated.- not used - may be removed in a future release
 
- 
- 
Constructor Details- 
FTPSClientpublic FTPSClient()Constructor for FTPSClient, callsFTPSClient(String, boolean). Sets protocol toDEFAULT_PROTOCOL- i.e. TLS - and security mode to explicit (isImplicit = false)
- 
FTPSClientConstructor for FTPSClient, usingDEFAULT_PROTOCOL- i.e. TLS CallsFTPSClient(String, boolean)- Parameters:
- isImplicit- The security mode (Implicit/Explicit).
 
- 
FTPSClientConstructor for FTPSClient, usingDEFAULT_PROTOCOL- i.e. TLS The default TrustManager is set fromTrustManagerUtils.getValidateServerCertificateTrustManager()- Parameters:
- isImplicit- The security mode(Implicit/Explicit).
- context- A pre-configured SSL Context
 
- 
FTPSClientConstructor for FTPSClient, usingDEFAULT_PROTOCOL- i.e. TLS and isImplicitfalseCallsFTPSClient(boolean, SSLContext)- Parameters:
- context- A pre-configured SSL Context
 
- 
FTPSClientConstructor for FTPSClient, using explicit mode, callsFTPSClient(String, boolean).- Parameters:
- protocol- the protocol to use
 
- 
FTPSClientConstructor for FTPSClient allowing specification of protocol and security mode. If isImplicit is true, the port is set toDEFAULT_FTPS_PORTi.e. 990. The default TrustManager is set fromTrustManagerUtils.getValidateServerCertificateTrustManager()- Parameters:
- protocol- the protocol
- isImplicit- The security mode(Implicit/Explicit).
 
 
- 
- 
Method Details- 
_connectAction_Because there are so many connect() methods, the _connectAction_() method is provided as a means of performing some action immediately after establishing a connection, rather than reimplementing all the connect() methods.- Overrides:
- _connectAction_in class- FTPClient
- Throws:
- IOException- If there is any problem with establishing the connection.
- See Also:
 
- 
_openDataConnection_Deprecated.(3.3) UseFTPClient._openDataConnection_(FTPCmd, String)insteadReturns a socket of the data connection. Wrapped as anSSLSocket, which carries out handshake processing.- Overrides:
- _openDataConnection_in class- FTPClient
- Parameters:
- command- The int representation of the FTP command to send.
- arg- The arguments to the FTP command. If this parameter is set to null, then the command is sent with no arguments.
- Returns:
- corresponding to the established data connection. Null is returned if an FTP protocol error is reported at any point during the establishment and initialization of the connection.
- Throws:
- IOException- If there is any problem with the connection.
- See Also:
 
- 
_openDataConnection_Returns a socket of the data connection. Wrapped as anSSLSocket, which carries out handshake processing.- Overrides:
- _openDataConnection_in class- FTPClient
- Parameters:
- command- The textual representation of the FTP command to send.
- arg- The arguments to the FTP command. If this parameter is set to null, then the command is sent with no arguments.
- Returns:
- corresponding to the established data connection. Null is returned if an FTP protocol error is reported at any point during the establishment and initialization of the connection.
- Throws:
- IOException- If there is any problem with the connection.
- Since:
- 3.2
- See Also:
 
- 
_prepareDataSocket_Performs any custom initialization for a newly created SSLSocket (before the SSL handshake happens). Called by_openDataConnection_(int, String)immediately after creating the socket. The default implementation is a no-op- Parameters:
- socket- the socket to set up
- Throws:
- IOException- on error
- Since:
- 3.1
 
- 
disconnectCloses the connection to the FTP server and restores connection parameters to the default values.Calls setSocketFactory(null)andsetServerSocketFactory(null)to reset the factories that may have been changed during the session, e.g. byexecPROT(String)- Overrides:
- disconnectin class- FTPClient
- Throws:
- IOException- If an error occurs while disconnecting.
- Since:
- 3.0
 
- 
execADATSends the ADAT command with the specified authentication data.- Parameters:
- data- The data to send with the command.
- Returns:
- server reply.
- Throws:
- IOException- If an I/O error occurs while sending the command.
- Since:
- 3.0
 
- 
execAUTHSends the AUTH command.- Throws:
- SSLException- If the server reply code equals neither "234" nor "334".
- IOException- If an I/O error occurs while either sending the command.
 
- 
execAUTHSends the AUTH command with the specified mechanism.- Parameters:
- mechanism- The mechanism name to send with the command.
- Returns:
- server reply.
- Throws:
- IOException- If an I/O error occurs while sending the command.
- Since:
- 3.0
 
- 
execCCCSends the CCC command to the server. The CCC (Clear Command Channel) command causes the underlyingSSLSocketinstance to be assigned to a plainSocketinstances- Returns:
- server reply.
- Throws:
- IOException- If an I/O error occurs while sending the command.
- Since:
- 3.0
 
- 
execCONFSends the CONF command with the specified data.- Parameters:
- data- The data to send with the command.
- Returns:
- server reply.
- Throws:
- IOException- If an I/O error occurs while sending the command.
- Since:
- 3.0
 
- 
execENCSends the ENC command with the specified data.- Parameters:
- data- The data to send with the command.
- Returns:
- server reply.
- Throws:
- IOException- If an I/O error occurs while sending the command.
- Since:
- 3.0
 
- 
execMICSends the MIC command with the specified data.- Parameters:
- data- The data to send with the command.
- Returns:
- server reply.
- Throws:
- IOException- If an I/O error occurs while sending the command.
- Since:
- 3.0
 
- 
execPBSZPBSZ command. pbsz value: 0 to (2^32)-1 decimal integer.- Parameters:
- pbsz- Protection Buffer Size.
- Throws:
- SSLException- If the server reply code does not equal "200".
- IOException- If an I/O error occurs while sending the command.
- See Also:
 
- 
execPROTPROT command.- C - Clear
- S - Safe(SSL protocol only)
- E - Confidential(SSL protocol only)
- P - Private
 SocketClient.setSocketFactory(javax.net.SocketFactory)andSocketClient.setServerSocketFactory(javax.net.ServerSocketFactory)- Parameters:
- prot- Data Channel Protection Level, if- null, use- DEFAULT_PROT.
- Throws:
- SSLException- If the server reply code does not equal- 200.
- IOException- If an I/O error occurs while sending the command.
 
- 
getAuthValueReturn AUTH command use value.- Returns:
- AUTH command use value.
 
- 
getEnabledCipherSuitesReturns the names of the cipher suites which could be enabled for use on this connection. When the underlyingSocketis not anSSLSocketinstance, returns null.- Returns:
- An array of cipher suite names, or null
 
- 
getEnabledProtocolsReturns the names of the protocol versions which are currently enabled for use on this connection. When the underlyingSocketis not anSSLSocketinstance, returns null.- Returns:
- An array of protocols, or null
 
- 
getEnableSessionCreationReturns true if new SSL sessions may be established by this socket. When the underlyingSocketinstance is not SSL-enabled (i.e. an instance ofSSLSocketwithSSLSocketgetEnableSessionCreation()) enabled, this returns False.- Returns:
- true - Indicates that sessions may be created; this is the default. false - indicates that an existing session must be resumed.
 
- 
getHostnameVerifierGets the currently configuredHostnameVerifier. The verifier is only used on client mode connections.- Returns:
- A HostnameVerifier instance.
- Since:
- 3.4
 
- 
getNeedClientAuthReturns true if the socket will require client authentication. When the underlyingSocketis not anSSLSocketinstance, returns false.- Returns:
- true - If the server mode socket should request that the client authenticate itself.
 
- 
getProtocolGets the secure socket protocol to be used, e.g. SSL/TLS.- Returns:
- the protocol
- Since:
- 3.11.0
 
- 
getProtocolsGets the protocol versions. ThegetEnabledProtocols()method gets the value from the socket while this method gets its value from this instance's config.- Returns:
- a clone of the protocols, may be null
- Since:
- 3.11.0
 
- 
getSuitesGets the cipher suites. ThegetEnabledCipherSuites()method gets the value from the socket while this method gets its value from this instance's config.- Returns:
- a clone of the suites, may be null
- Since:
- 3.11.0
 
- 
getTrustManagerGets the currently configuredTrustManager.- Returns:
- A TrustManager instance.
 
- 
getUseClientModeReturns true if the socket is set to use client mode in its first handshake. When the underlyingSocketis not anSSLSocketinstance, returns false.- Returns:
- true - If the socket should start its first handshake in "client" mode.
 
- 
getWantClientAuthReturns true if the socket will request client authentication. When the underlyingSocketis not anSSLSocketinstance, returns false.- Returns:
- true - If the server mode socket should request that the client authenticate itself.
 
- 
isClientModeGets the use client mode flag. ThegetUseClientMode()method gets the value from the socket while this method gets its value from this instance's config.- Returns:
- True If the socket should start its first handshake in "client" mode.
- Since:
- 3.11.0
 
- 
isCreationGets whether a new SSL session may be established by this socket. Default true- Returns:
- True if session may be established
- Since:
- 3.11.0
 
- 
isEndpointCheckingEnabledReturn whether or not endpoint identification using the HTTPS algorithm on Java 1.7+ is enabled. The default behavior is for this to be disabled. This check is only performed on client mode connections.- Returns:
- True if enabled, false if not.
- Since:
- 3.4
 
- 
isImplicitGets the security mode. (True - Implicit Mode / False - Explicit Mode)- Returns:
- True if enabled, false if not.
- Since:
- 3.11.0
 
- 
isNeedClientAuthGets the need client auth flag. ThegetNeedClientAuth()method gets the value from the socket while this method gets its value from this instance's config.- Returns:
- True if enabled, false if not.
- Since:
- 3.11.0
 
- 
isWantClientAuthGets the want client auth flag. ThegetWantClientAuth()method gets the value from the socket while this method gets its value from this instance's config.- Returns:
- True if enabled, false if not.
- Since:
- 3.11.0
 
- 
parseADATReplyParses the given ADAT response line and base64-decodes the data.- Parameters:
- reply- The ADAT reply to parse.
- Returns:
- the data in the reply, base64-decoded.
- Since:
- 3.0
 
- 
parsePBSZPBSZ command. pbsz value: 0 to (2^32)-1 decimal integer. Issues the command and parses the response to return the negotiated value.- Parameters:
- pbsz- Protection Buffer Size.
- Returns:
- the negotiated value.
- Throws:
- SSLException- If the server reply code does not equal "200".
- IOException- If an I/O error occurs while sending the command.
- Since:
- 3.0
- See Also:
 
- 
sendCommandSend an FTP command. A successful CCC (Clear Command Channel) command causes the underlyingSSLSocketinstance to be assigned to a plainSocket- Overrides:
- sendCommandin class- FTP
- Parameters:
- command- The FTP command.
- args- The arguments to the FTP command. If this parameter is set to null, then the command is sent with no argument.
- Returns:
- server reply.
- Throws:
- IOException- If an I/O error occurs while sending the command.
- SSLException- if a CCC command fails
- See Also:
 
- 
setAuthValueSets AUTH command use value. This processing is done before connected processing.- Parameters:
- auth- AUTH command use value.
 
- 
setEnabledCipherSuitesControls which particular cipher suites are enabled for use on this connection. Called before server negotiation.- Parameters:
- cipherSuites- The cipher suites.
 
- 
setEnabledProtocolsControls which particular protocol versions are enabled for use on this connection. I perform setting before a server negotiation.- Parameters:
- protocolVersions- The protocol versions.
 
- 
setEnabledSessionCreationControls whether a new SSL session may be established by this socket.- Parameters:
- isCreation- The established socket flag.
 
- 
setEndpointCheckingEnabledAutomatic endpoint identification checking using the HTTPS algorithm is supported on Java 1.7+. The default behavior is for this to be disabled. This check is only performed on client mode connections.- Parameters:
- enable- Enable automatic endpoint identification checking using the HTTPS algorithm on Java 1.7+.
- Since:
- 3.4
 
- 
setHostnameVerifierOverride the defaultHostnameVerifierto use. The verifier is only used on client mode connections.- Parameters:
- newHostnameVerifier- The HostnameVerifier implementation to set or- nullto disable.
- Since:
- 3.4
 
- 
setKeyManagerSets aKeyManagerto use- Parameters:
- keyManager- The KeyManager implementation to set.
- See Also:
 
- 
setNeedClientAuthConfigures the socket to require client authentication.- Parameters:
- isNeedClientAuth- The need client auth flag.
 
- 
setTrustManagerOverride the defaultTrustManagerto use; if set tonull, the default TrustManager from the JVM will be used.- Parameters:
- trustManager- The TrustManager implementation to set, may be- null
- See Also:
 
- 
setUseClientModeConfigures the socket to use client (or server) mode in its first handshake.- Parameters:
- isClientMode- The use client mode flag.
 
- 
setWantClientAuthConfigures the socket to request client authentication, but only if such a request is appropriate to the cipher suite negotiated.- Parameters:
- isWantClientAuth- The want client auth flag.
 
- 
sslNegotiationSSL/TLS negotiation. Acquires an SSL socket of a control connection and carries out handshake processing.- Throws:
- IOException- If server negotiation fails
 
 
-