eu.emi.security.authn.x509.helpers.ssl.SSLTrustManagerWithHostnameChecking

All Implemented Interfaces:: TrustManager, X509TrustManager

public class SSLTrustManagerWithHostnameChecking extends X509ExtendedTrustManager

Wires CANL abstractions: credentials and verificators into Java SSL socket factory. Supports hostname verification with a custom callback. If callback is unset then the mismatch of hostname to peer's certificate is considered a fatal error.

Field Summary

Fields

Modifier and Type

Field

Description

protected final X509CertChainValidator

validator
Constructor Summary

Constructors

Constructor

Description

SSLTrustManagerWithHostnameChecking(X509CertChainValidator validator, HostnameMismatchCallback2 hostnameMismatchCallback)
Method Summary

Modifier and Type

Method

Description

void

checkClientTrusted(X509Certificate[] chain, String authType)

void

checkClientTrusted(X509Certificate[] chain, String authType, Socket socket)

void

checkClientTrusted(X509Certificate[] chain, String authType, SSLEngine engine)

protected void

checkIfTrusted(X509Certificate[] certChain)

void

checkServerTrusted(X509Certificate[] chain, String authType)

void

checkServerTrusted(X509Certificate[] chain, String authType, Socket socket)

void

checkServerTrusted(X509Certificate[] chain, String authType, SSLEngine engine)

X509Certificate[]

getAcceptedIssuers()

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details
- validator
  
  protected final X509CertChainValidator validator
Constructor Details
- SSLTrustManagerWithHostnameChecking
  
  public SSLTrustManagerWithHostnameChecking(X509CertChainValidator validator, HostnameMismatchCallback2 hostnameMismatchCallback)
Method Details
- checkClientTrusted
  
  public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException
  
  Throws:
  
  CertificateException
- checkServerTrusted
  
  public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException
  
  Throws:
  
  CertificateException
- getAcceptedIssuers
  
  public X509Certificate[] getAcceptedIssuers()
- checkIfTrusted
  
  protected void checkIfTrusted(X509Certificate[] certChain) throws CertificateException
  
  Throws:
  
  CertificateException
- checkClientTrusted
  
  public void checkClientTrusted(X509Certificate[] chain, String authType, Socket socket) throws CertificateException
  
  Specified by:
  
  checkClientTrusted in class X509ExtendedTrustManager
  
  Throws:
  
  CertificateException
- checkServerTrusted
  
  public void checkServerTrusted(X509Certificate[] chain, String authType, Socket socket) throws CertificateException
  
  Specified by:
  
  checkServerTrusted in class X509ExtendedTrustManager
  
  Throws:
  
  CertificateException
- checkClientTrusted
  
  public void checkClientTrusted(X509Certificate[] chain, String authType, SSLEngine engine) throws CertificateException
  
  Specified by:
  
  checkClientTrusted in class X509ExtendedTrustManager
  
  Throws:
  
  CertificateException
- checkServerTrusted
  
  public void checkServerTrusted(X509Certificate[] chain, String authType, SSLEngine engine) throws CertificateException
  
  Specified by:
  
  checkServerTrusted in class X509ExtendedTrustManager
  
  Throws:
  
  CertificateException

Class SSLTrustManagerWithHostnameChecking

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Details

validator

Constructor Details

SSLTrustManagerWithHostnameChecking

Method Details

checkClientTrusted

checkServerTrusted

getAcceptedIssuers

checkIfTrusted

checkClientTrusted

checkServerTrusted

checkClientTrusted

checkServerTrusted