Module java.base
Package javax.net.ssl

Class X509ExtendedTrustManager

java.lang.Object
javax.net.ssl.X509ExtendedTrustManager
All Implemented Interfaces:
TrustManager, X509TrustManager

public abstract class X509ExtendedTrustManager extends Object implements X509TrustManager
Extensions to the X509TrustManager interface to support SSL/TLS/DTLS connection sensitive trust management.

To prevent man-in-the-middle attacks, hostname checks can be done to verify that the hostname in an end-entity certificate matches the targeted hostname. TLS/DTLS does not require such checks, but some protocols over TLS/DTLS (such as HTTPS) do. In earlier versions of the JDK, the certificate chain checks were done at the SSL/TLS/DTLS layer, and the hostname verification checks were done at the layer over TLS/DTLS. This class allows for the checking to be done during a single call to this class.

RFC 2830 defines the server identification specification for the "LDAPS" algorithm. RFC 2818 defines both the server identification and the client identification specification for the "HTTPS" algorithm.

Since:
1.7
See Also: