@NotMutable @ThreadSafety(level=COMPLETELY_THREADSAFE) public final class HostNameSSLSocketVerifier extends SSLSocketVerifier
SSLSocket
verifier that
will verify that the presented server certificate includes the address to
which the client intended to establish a connection. It will check the CN
attribute of the certificate subject, as well as certain subjectAltName
extensions, including dNSName, uniformResourceIdentifier, and iPAddress.Constructor and Description |
---|
HostNameSSLSocketVerifier(boolean allowWildcards)
Creates a new instance of this
SSLSocket verifier. |
Modifier and Type | Method and Description |
---|---|
void |
verifySSLSocket(java.lang.String host,
int port,
javax.net.ssl.SSLSocket sslSocket)
Verifies that the provided
SSLSocket is acceptable and the
connection should be allowed to remain established. |
public HostNameSSLSocketVerifier(boolean allowWildcards)
SSLSocket
verifier.allowWildcards
- Indicates whether to allow wildcard certificates
which contain an asterisk as the first component of
a CN subject attribute or dNSName subjectAltName
extension.public void verifySSLSocket(java.lang.String host, int port, javax.net.ssl.SSLSocket sslSocket) throws LDAPException
SSLSocket
is acceptable and the
connection should be allowed to remain established.verifySSLSocket
in class SSLSocketVerifier
host
- The address to which the client intended the connection
to be established.port
- The port to which the client intended the connection to
be established.sslSocket
- The SSLSocket
that should be verified.LDAPException
- If a problem is identified that should prevent the
provided SSLSocket
from remaining
established.