public
interface
X509KeyManager
implements
KeyManager
javax.net.ssl.X509KeyManager |
Known Indirect Subclasses |
Instances of this interface manage which X509 certificate-based key pairs are used to authenticate the local side of a secure socket.
During secure socket negotiations, implentations call methods in this interface to:
Note: the X509ExtendedKeyManager should be used in favor of this class.
Public methods | |
---|---|
abstract
String
|
chooseClientAlias(String[] keyType, Principal[] issuers, Socket socket)
Choose an alias to authenticate the client side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any). |
abstract
String
|
chooseServerAlias(String keyType, Principal[] issuers, Socket socket)
Choose an alias to authenticate the server side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any). |
abstract
X509Certificate[]
|
getCertificateChain(String alias)
Returns the certificate chain associated with the given alias. |
abstract
String[]
|
getClientAliases(String keyType, Principal[] issuers)
Get the matching aliases for authenticating the client side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any). |
abstract
PrivateKey
|
getPrivateKey(String alias)
Returns the key associated with the given alias. |
abstract
String[]
|
getServerAliases(String keyType, Principal[] issuers)
Get the matching aliases for authenticating the server side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any). |
String chooseClientAlias (String[] keyType, Principal[] issuers, Socket socket)
Choose an alias to authenticate the client side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any).
Parameters | |
---|---|
keyType |
String :
the key algorithm type name(s), ordered
with the most-preferred key type first. |
issuers |
Principal :
the list of acceptable CA issuer subject names
or null if it does not matter which issuers are used. |
socket |
Socket :
the socket to be used for this connection. This
parameter can be null, which indicates that
implementations are free to select an alias applicable
to any socket. |
Returns | |
---|---|
String |
the alias name for the desired key, or null if there are no matches. |
String chooseServerAlias (String keyType, Principal[] issuers, Socket socket)
Choose an alias to authenticate the server side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any).
Parameters | |
---|---|
keyType |
String :
the key algorithm type name. |
issuers |
Principal :
the list of acceptable CA issuer subject names
or null if it does not matter which issuers are used. |
socket |
Socket :
the socket to be used for this connection. This
parameter can be null, which indicates that
implementations are free to select an alias applicable
to any socket. |
Returns | |
---|---|
String |
the alias name for the desired key, or null if there are no matches. |
X509Certificate[] getCertificateChain (String alias)
Returns the certificate chain associated with the given alias.
Parameters | |
---|---|
alias |
String :
the alias name |
Returns | |
---|---|
X509Certificate[] |
the certificate chain (ordered with the user's certificate first and the root certificate authority last), or null if the alias can't be found. |
String[] getClientAliases (String keyType, Principal[] issuers)
Get the matching aliases for authenticating the client side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any).
Parameters | |
---|---|
keyType |
String :
the key algorithm type name |
issuers |
Principal :
the list of acceptable CA issuer subject names,
or null if it does not matter which issuers are used. |
Returns | |
---|---|
String[] |
an array of the matching alias names, or null if there were no matches. |
PrivateKey getPrivateKey (String alias)
Returns the key associated with the given alias.
Parameters | |
---|---|
alias |
String :
the alias name |
Returns | |
---|---|
PrivateKey |
the requested key, or null if the alias can't be found. |
String[] getServerAliases (String keyType, Principal[] issuers)
Get the matching aliases for authenticating the server side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any).
Parameters | |
---|---|
keyType |
String :
the key algorithm type name |
issuers |
Principal :
the list of acceptable CA issuer subject names
or null if it does not matter which issuers are used. |
Returns | |
---|---|
String[] |
an array of the matching alias names, or null if there were no matches. |