|
BEA Systems, Inc. | ||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
public interface TrustManager
The TrustManager interface permits the user to override certain validation errors in the peer's certificate chain and allow the handshake to continue. This interface also permits the user to perform additional validation on the peer certificate chain and interrupt the handshake if need be.
Field Summary | |
---|---|
static int |
ERR_CERT_CHAIN_INCOMPLETE
An incomplete certificate chain is when a chain does not include a self signed root CA certificate |
static int |
ERR_CERT_CHAIN_INVALID
An invalid certificate chain is when a certificate is not issued by the succeeding certificate in the chain |
static int |
ERR_CERT_CHAIN_UNTRUSTED
None of the certificates in the chain can be found in the list of trusted certificates |
static int |
ERR_CERT_EXPIRED
An expired certificate |
static int |
ERR_NONE
No error has been detected |
static int |
ERR_SIGNATURE_INVALID
A certificate has an invalid signature when the public key of the succeeding certificate does not verify the signature in the certificate |
Method Summary | |
---|---|
boolean |
certificateCallback(X509Certificate[] chain,
int validateErr)
Called by the SSL library when a peer presents a certificate chain. |
Field Detail |
---|
static final int ERR_NONE
static final int ERR_CERT_CHAIN_INVALID
static final int ERR_CERT_EXPIRED
static final int ERR_CERT_CHAIN_INCOMPLETE
static final int ERR_SIGNATURE_INVALID
static final int ERR_CERT_CHAIN_UNTRUSTED
Method Detail |
---|
boolean certificateCallback(X509Certificate[] chain, int validateErr)
chain
- The peer certificate chainvalidateErr
- indicates the validation errors present
in the certificate chain. validateErr has the following properties:
ERR_CERT_CHAIN_INVALID bit is set if the certificate chain is invalid;
ERR_CERT_EXPIRED bit is set if any of the certificates are expired;
ERR_CERT_CHAIN_INCOMPLETE bit is set if the certificate chain is incomplete;
ERR_SIGNATURE_INVALID bit is set if any of the certificates have an invaid signature;
ERR_CERT_CHAIN_UNTRUSTED bit is set if the certificate chain is not trusted.
|
Documentation is available at http://download.oracle.com/docs/cd/E13222_01/wls/docs92 Copyright 2006 BEA Systems Inc. |
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |