com.sun.net.ssl
Interface X509TrustManager
- public interface X509TrustManager
- extends TrustManager
Instance of this interface manage which X509 certificates
may be used to authenticate the remote side of a secure
socket. Decisions may be based on trusted certificate
authorities, certificate revocation lists, online
status checking or other means.
Method Summary |
X509Certificate[] |
getAcceptedIssuers()
Return an array of certificate authority certificates
which are trusted for authenticating peers. |
boolean |
isClientTrusted(X509Certificate[] chain)
Given the partial or complete certificate chain
provided by the peer, build a certificate path
to a trusted root and return true if it can be
validated and is trusted for client SSL authentication. |
boolean |
isServerTrusted(X509Certificate[] chain)
Given the partial or complete certificate chain
provided by the peer, build a certificate path
to a trusted root and return true if it can be
validated and is trusted for server SSL authentication. |
isClientTrusted
public boolean isClientTrusted(X509Certificate[] chain)
- Given the partial or complete certificate chain
provided by the peer, build a certificate path
to a trusted root and return true if it can be
validated and is trusted for client SSL authentication.
- Parameters:
chain
- the peer certificate chain
isServerTrusted
public boolean isServerTrusted(X509Certificate[] chain)
- Given the partial or complete certificate chain
provided by the peer, build a certificate path
to a trusted root and return true if it can be
validated and is trusted for server SSL authentication.
- Parameters:
chain
- the peer certificate chain
getAcceptedIssuers
public X509Certificate[] getAcceptedIssuers()
- Return an array of certificate authority certificates
which are trusted for authenticating peers.
- Returns:
- the acceptable CA issuer certificates