com.genesyslab.platform.commons.connection.tls
Class HostnameCheckingTrustManager
java.lang.Object
com.genesyslab.platform.commons.connection.tls.HostnameCheckingTrustManager
- All Implemented Interfaces:
- javax.net.ssl.TrustManager, javax.net.ssl.X509TrustManager
public class HostnameCheckingTrustManager
- extends java.lang.Object
- implements javax.net.ssl.X509TrustManager
Wraps another X509TrustManager and performs additional check: matching expected hostname against presented
certificates. Uses HostnameChecker static methods for hostname matching.
- See Also:
HostnameChecker
Method Summary |
void |
checkClientTrusted(java.security.cert.X509Certificate[] x509Certificates,
java.lang.String s)
|
void |
checkServerTrusted(java.security.cert.X509Certificate[] x509Certificates,
java.lang.String s)
|
java.security.cert.X509Certificate[] |
getAcceptedIssuers()
|
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
HostnameCheckingTrustManager
public HostnameCheckingTrustManager(java.lang.String expectedHostname,
javax.net.ssl.X509TrustManager wrappedTrustManager)
- Parameters:
expectedHostname
- Hostname to match certificates againstwrappedTrustManager
- X509TrustManager instance to wrap
If it isn't in fully qualified domain name then performance will reduced due trying getting full one.
If it dosn't have full form and getting full one fail then it will be interpreted as the ip according to
the passed expectedHostname argument
checkClientTrusted
public void checkClientTrusted(java.security.cert.X509Certificate[] x509Certificates,
java.lang.String s)
throws java.security.cert.CertificateException
- Specified by:
checkClientTrusted
in interface javax.net.ssl.X509TrustManager
- Throws:
java.security.cert.CertificateException
checkServerTrusted
public void checkServerTrusted(java.security.cert.X509Certificate[] x509Certificates,
java.lang.String s)
throws java.security.cert.CertificateException
- Specified by:
checkServerTrusted
in interface javax.net.ssl.X509TrustManager
- Throws:
java.security.cert.CertificateException
getAcceptedIssuers
public java.security.cert.X509Certificate[] getAcceptedIssuers()
- Specified by:
getAcceptedIssuers
in interface javax.net.ssl.X509TrustManager
Send comments on this topicTechpubs.webadmin@genesys.com.
Document version: 8.5.302.00
Copyright © 2006–2017 Genesys Telecommunications Laboratories, Inc. All rights reserved.