All Known Subinterfaces:

X509CertChainValidatorExt

All Known Implementing Classes:

AbstractValidator, BinaryCertChainValidator, DirectoryCertChainValidator, InMemoryKeystoreCertChainValidator, KeystoreCertChainValidator, OpensslCertChainValidator, PlainCRLValidator
```
public interface X509CertChainValidator
```
Implementations are used to perform a manual certificate chain validation. Implementations shall reuse as many of existing CertificateChecker implementations as possible. Implementations must be thread safe.

Author:

K. Benedyczak

See Also:

ValidationResult

Method Summary

All Methods Instance Methods Abstract Methods
Modifier and Type	Method	Description
`void`	`addUpdateListener(StoreUpdateListener listener)`	Registers a listener which can react to errors found during refreshing of the trust material: trusted CAs or CRLs.
`void`	`addValidationListener(ValidationErrorListener listener)`	Registers a listener which can react to errors found during certificate validation.
`java.security.cert.X509Certificate[]`	`getTrustedIssuers()`	Returns a list of trusted issuers of certificates.
`void`	`removeUpdateListener(StoreUpdateListener listener)`	Unregisters a previously registered CA or CRL update listener.
`void`	`removeValidationListener(ValidationErrorListener listener)`	Unregisters a previously registered validation listener.
`ValidationResult`	`validate(java.security.cert.CertPath certPath)`	Performs validation of a provided certificate path.
`ValidationResult`	`validate(java.security.cert.X509Certificate[] certChain)`	Performs validation of a provided certificate chain.

- Method Detail
  - validate
```
ValidationResult validate(java.security.cert.CertPath certPath)
```
    Performs validation of a provided certificate path.
    
    Parameters:
    
    certPath - to be validated
    
    Returns:
    
    result of validation
  - validate
```
ValidationResult validate(java.security.cert.X509Certificate[] certChain)
```
    Performs validation of a provided certificate chain.
    
    Parameters:
    
    certChain - to be validated
    
    Returns:
    
    result of validation
  - getTrustedIssuers
```
java.security.cert.X509Certificate[] getTrustedIssuers()
```
    Returns a list of trusted issuers of certificates.
    
    Returns:
    
    array containing trusted issuers' certificates
  - addValidationListener
```
void addValidationListener(ValidationErrorListener listener)
```
    Registers a listener which can react to errors found during certificate validation. It is useful in two cases: (rarely) if you want to change the default logic of the validator and if you will use the validator indirectly (e.g. to validate SSL socket connections) and want to get the original ValidationError, not the exception.
    
    Parameters:
    
    listener - to be registered
  - removeValidationListener
```
void removeValidationListener(ValidationErrorListener listener)
```
    Unregisters a previously registered validation listener. If the listener was not registered then the method does nothing.
    
    Parameters:
    
    listener - to be unregistered
  - addUpdateListener
```
void addUpdateListener(StoreUpdateListener listener)
```
    Registers a listener which can react to errors found during refreshing of the trust material: trusted CAs or CRLs. This method is useful only if the implementation supports updating of CAs or CRLs, otherwise the listener will not be invoked.
    
    Parameters:
    
    listener - to be registered
  - removeUpdateListener
```
void removeUpdateListener(StoreUpdateListener listener)
```
    Unregisters a previously registered CA or CRL update listener. If the listener was not registered then the method does nothing.
    
    Parameters:
    
    listener - to be unregistered

Interface X509CertChainValidator

Method Summary

Method Detail

validate

validate

getTrustedIssuers

addValidationListener

removeValidationListener

addUpdateListener

removeUpdateListener