java.lang.Object
  org.opends.admin.ads.util.ApplicationKeyManager
public class ApplicationKeyManager
This class is in charge of checking whether the certificates that are presented are trusted or not. This implementation also tries to check that the subject DN of the certificate corresponds to the host passed using the setHostName method. The constructor tries to use a default TrustManager from the system; if it cannot be retrieved, this class will only accept the certificates explicitly accepted by the user (and specified by calling acceptCertificate). NOTE: this class is not intended to be used with parallel connections.
Constructor Summary | |
---|---|
ApplicationKeyManager(java.security.KeyStore keystore,
char[] password)
The default constructor. |
Method Summary | |
---|---|
java.lang.String |
chooseClientAlias(java.lang.String[] keyType,
java.security.Principal[] issuers,
java.net.Socket socket)
Choose an alias to authenticate the client side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any). |
java.lang.String |
chooseServerAlias(java.lang.String keyType,
java.security.Principal[] issuers,
java.net.Socket socket)
Choose an alias to authenticate the client side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any). |
java.security.cert.X509Certificate[] |
getCertificateChain(java.lang.String alias)
Returns the certificate chain associated with the given alias. |
java.lang.String[] |
getClientAliases(java.lang.String keyType,
java.security.Principal[] issuers)
Get the matching aliases for authenticating the server side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any). |
java.security.PrivateKey |
getPrivateKey(java.lang.String alias)
Returns the key associated with the given alias. |
java.lang.String[] |
getServerAliases(java.lang.String keyType,
java.security.Principal[] issuers)
Get the matching aliases for authenticating the server side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any). |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public ApplicationKeyManager(java.security.KeyStore keystore, char[] password)
keystore - The keystore to use for this keymanager.
password - The keystore password to use for this keymanager.
Method Detail |
---|
public java.lang.String chooseClientAlias(java.lang.String[] keyType, java.security.Principal[] issuers, java.net.Socket socket)
chooseClientAlias
in interface javax.net.ssl.X509KeyManager
keyType - the key algorithm type name(s), ordered with the most-preferred key type first.
issuers - the list of acceptable CA issuer subject names or null if it does not matter which issuers are used.
socket - the socket to be used for this connection. This parameter can be null, in which case this method will return the most generic alias to use.
public java.lang.String chooseServerAlias(java.lang.String keyType, java.security.Principal[] issuers, java.net.Socket socket)
chooseServerAlias
in interface javax.net.ssl.X509KeyManager
keyType - the key algorithm type name(s), ordered with the most-preferred key type first.
issuers - the list of acceptable CA issuer subject names or null if it does not matter which issuers are used.
socket - the socket to be used for this connection. This parameter can be null, in which case this method will return the most generic alias to use.
public java.security.cert.X509Certificate[] getCertificateChain(java.lang.String alias)
getCertificateChain
in interface javax.net.ssl.X509KeyManager
alias - the alias name
public java.lang.String[] getClientAliases(java.lang.String keyType, java.security.Principal[] issuers)
getClientAliases
in interface javax.net.ssl.X509KeyManager
keyType - the key algorithm type name
issuers - the list of acceptable CA issuer subject names or null if it does not matter which issuers are used.
public java.security.PrivateKey getPrivateKey(java.lang.String alias)
getPrivateKey
in interface javax.net.ssl.X509KeyManager
alias - the alias name
public java.lang.String[] getServerAliases(java.lang.String keyType, java.security.Principal[] issuers)
getServerAliases
in interface javax.net.ssl.X509KeyManager
keyType - the key algorithm type name
issuers - the list of acceptable CA issuer subject names or null if it does not matter which issuers are used.