java.lang.Object
- javax.net.ssl.X509ExtendedTrustManager
- - eu.emi.security.authn.x509.helpers.ssl.SSLTrustManagerWithHostnameChecking

All Implemented Interfaces:

javax.net.ssl.TrustManager, javax.net.ssl.X509TrustManager
```
public class SSLTrustManagerWithHostnameChecking
extends javax.net.ssl.X509ExtendedTrustManager
```
Wires CANL abstractions: credentials and verificators into Java SSL socket factory. Supports hostname verification with a custom callback. If callback is unset then the mismatch of hostname to peer's certificate is considered a fatal error.

Field Summary

Fields
Modifier and Type Field Description

protected X509CertChainValidator validator

Constructor Summary

Constructors
Constructor	Description
`SSLTrustManagerWithHostnameChecking(X509CertChainValidator validator, HostnameMismatchCallback2 hostnameMismatchCallback)`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`void`	`checkClientTrusted(java.security.cert.X509Certificate[] chain, java.lang.String authType)`
`void`	`checkClientTrusted(java.security.cert.X509Certificate[] chain, java.lang.String authType, java.net.Socket socket)`
`void`	`checkClientTrusted(java.security.cert.X509Certificate[] chain, java.lang.String authType, javax.net.ssl.SSLEngine engine)`
`protected void`	`checkIfTrusted(java.security.cert.X509Certificate[] certChain)`
`void`	`checkServerTrusted(java.security.cert.X509Certificate[] chain, java.lang.String authType)`
`void`	`checkServerTrusted(java.security.cert.X509Certificate[] chain, java.lang.String authType, java.net.Socket socket)`
`void`	`checkServerTrusted(java.security.cert.X509Certificate[] chain, java.lang.String authType, javax.net.ssl.SSLEngine engine)`
`java.security.cert.X509Certificate[]`	`getAcceptedIssuers()`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

validator

protected final X509CertChainValidator validator

Constructor Detail

SSLTrustManagerWithHostnameChecking

public SSLTrustManagerWithHostnameChecking(X509CertChainValidator validator,
                                           HostnameMismatchCallback2 hostnameMismatchCallback)

Method Detail

checkClientTrusted

public void checkClientTrusted(java.security.cert.X509Certificate[] chain,
                               java.lang.String authType)
                        throws java.security.cert.CertificateException

Throws:: java.security.cert.CertificateException

checkServerTrusted

public void checkServerTrusted(java.security.cert.X509Certificate[] chain,
                               java.lang.String authType)
                        throws java.security.cert.CertificateException

Throws:: java.security.cert.CertificateException

getAcceptedIssuers

public java.security.cert.X509Certificate[] getAcceptedIssuers()

checkIfTrusted

protected void checkIfTrusted(java.security.cert.X509Certificate[] certChain)
                       throws java.security.cert.CertificateException

Throws:: java.security.cert.CertificateException

checkClientTrusted

public void checkClientTrusted(java.security.cert.X509Certificate[] chain,
                               java.lang.String authType,
                               java.net.Socket socket)
                        throws java.security.cert.CertificateException

Specified by:: checkClientTrusted in class javax.net.ssl.X509ExtendedTrustManager
Throws:: java.security.cert.CertificateException

checkServerTrusted

public void checkServerTrusted(java.security.cert.X509Certificate[] chain,
                               java.lang.String authType,
                               java.net.Socket socket)
                        throws java.security.cert.CertificateException

Specified by:: checkServerTrusted in class javax.net.ssl.X509ExtendedTrustManager
Throws:: java.security.cert.CertificateException

checkClientTrusted

public void checkClientTrusted(java.security.cert.X509Certificate[] chain,
                               java.lang.String authType,
                               javax.net.ssl.SSLEngine engine)
                        throws java.security.cert.CertificateException

Specified by:: checkClientTrusted in class javax.net.ssl.X509ExtendedTrustManager
Throws:: java.security.cert.CertificateException

checkServerTrusted

public void checkServerTrusted(java.security.cert.X509Certificate[] chain,
                               java.lang.String authType,
                               javax.net.ssl.SSLEngine engine)
                        throws java.security.cert.CertificateException

Specified by:: checkServerTrusted in class javax.net.ssl.X509ExtendedTrustManager
Throws:: java.security.cert.CertificateException

Class SSLTrustManagerWithHostnameChecking

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

validator

Constructor Detail

SSLTrustManagerWithHostnameChecking

Method Detail

checkClientTrusted

checkServerTrusted

getAcceptedIssuers

checkIfTrusted

checkClientTrusted

checkServerTrusted

checkClientTrusted

checkServerTrusted