@NotMutable @ThreadSafety(level=COMPLETELY_THREADSAFE) public final class PromptTrustManager extends java.lang.Object implements javax.net.ssl.X509TrustManager
Constructor and Description |
---|
PromptTrustManager()
Creates a new instance of this prompt trust manager.
|
PromptTrustManager(java.lang.String acceptedCertsFile)
Creates a new instance of this prompt trust manager.
|
PromptTrustManager(java.lang.String acceptedCertsFile,
boolean examineValidityDates,
java.io.InputStream in,
java.io.PrintStream out)
Creates a new instance of this prompt trust manager.
|
Modifier and Type | Method and Description |
---|---|
void |
checkClientTrusted(java.security.cert.X509Certificate[] chain,
java.lang.String authType)
Checks to determine whether the provided client certificate chain should be
trusted.
|
void |
checkServerTrusted(java.security.cert.X509Certificate[] chain,
java.lang.String authType)
Checks to determine whether the provided server certificate chain should be
trusted.
|
boolean |
examineValidityDates()
Indicate whether to prompt about certificates contained in the cache if the
current time is outside the validity window for the certificate.
|
java.security.cert.X509Certificate[] |
getAcceptedIssuers()
Retrieves the accepted issuer certificates for this trust manager.
|
boolean |
wouldPrompt(java.security.cert.X509Certificate[] chain)
Indicates whether this trust manager would interactively prompt the user
about whether to trust the provided certificate chain.
|
public PromptTrustManager()
public PromptTrustManager(java.lang.String acceptedCertsFile)
acceptedCertsFile
- The path to a file in which the certificates
that have been previously accepted will be
cached. It may be null
if the cache
should only be maintained in memory.public PromptTrustManager(java.lang.String acceptedCertsFile, boolean examineValidityDates, java.io.InputStream in, java.io.PrintStream out)
acceptedCertsFile
- The path to a file in which the certificates
that have been previously accepted will be
cached. It may be null
if the cache
should only be maintained in memory.examineValidityDates
- Indicates whether to reject certificates if
the current time is outside the validity
window for the certificate.in
- The input stream that will be used to read
input from the user. If this is null
then System.in
will be used.out
- The print stream that will be used to display
the prompt to the user. If this is
null
then System.out will be used.public boolean wouldPrompt(java.security.cert.X509Certificate[] chain)
chain
- The chain of certificates for which to make the
determination.true
if this trust manger would interactively prompt the
user about whether to trust the certificate chain, or
false
if not (e.g., because the certificate is already
known to be trusted).public boolean examineValidityDates()
true
if the certificate validity time should be examined
for cached certificates and the user should be prompted if they
are expired or not yet valid, or false
if cached
certificates should be accepted even outside of the validity
window.public void checkClientTrusted(java.security.cert.X509Certificate[] chain, java.lang.String authType) throws java.security.cert.CertificateException
checkClientTrusted
in interface javax.net.ssl.X509TrustManager
chain
- The client certificate chain for which to make the
determination.authType
- The authentication type based on the client certificate.java.security.cert.CertificateException
- If the provided client certificate chain
should not be trusted.public void checkServerTrusted(java.security.cert.X509Certificate[] chain, java.lang.String authType) throws java.security.cert.CertificateException
checkServerTrusted
in interface javax.net.ssl.X509TrustManager
chain
- The server certificate chain for which to make the
determination.authType
- The key exchange algorithm used.java.security.cert.CertificateException
- If the provided server certificate chain
should not be trusted.public java.security.cert.X509Certificate[] getAcceptedIssuers()
getAcceptedIssuers
in interface javax.net.ssl.X509TrustManager