@ThreadSafety(level=COMPLETELY_THREADSAFE) public final class TopologyRegistryTrustManager extends java.lang.Object implements javax.net.ssl.X509TrustManager, java.io.Serializable
NOTE: This class, and other classes within the
com.unboundid.ldap.sdk.unboundidds
package structure, are only
supported for use against Ping Identity, UnboundID, and
Nokia/Alcatel-Lucent 8661 server products. These classes provide support
for proprietary functionality or for external specifications that are not
considered stable or mature enough to be guaranteed to work in an
interoperable way with other types of LDAP servers.
Constructor and Description |
---|
TopologyRegistryTrustManager(java.io.File configurationFile,
long cacheDurationMillis)
Creates a new instance of this trust manager with the provided settings.
|
Modifier and Type | Method and Description |
---|---|
void |
checkClientTrusted(java.security.cert.X509Certificate[] chain,
java.lang.String authType)
Checks to determine whether the provided client certificate chain should be
trusted.
|
void |
checkServerTrusted(java.security.cert.X509Certificate[] chain,
java.lang.String authType)
Checks to determine whether the provided server certificate chain should be
trusted.
|
java.security.cert.X509Certificate[] |
getAcceptedIssuers()
Retrieves the accepted issuer certificates for this trust manager.
|
public TopologyRegistryTrustManager(@NotNull java.io.File configurationFile, long cacheDurationMillis)
configurationFile
- The configuration file for the Ping Identity
Directory Server instance that holds the
topology registry data.cacheDurationMillis
- The maximum length of time in milliseconds
that previously loaded certificates may be
cached. If this is less than or equal to
zero, then certificates will not be cached.public void checkClientTrusted(@NotNull java.security.cert.X509Certificate[] chain, @NotNull java.lang.String authType) throws java.security.cert.CertificateException
checkClientTrusted
in interface javax.net.ssl.X509TrustManager
chain
- The client certificate chain for which to make the
determination.authType
- The authentication type based on the client certificate.java.security.cert.CertificateException
- If the provided client certificate chain
should not be trusted.public void checkServerTrusted(@NotNull java.security.cert.X509Certificate[] chain, @NotNull java.lang.String authType) throws java.security.cert.CertificateException
checkServerTrusted
in interface javax.net.ssl.X509TrustManager
chain
- The server certificate chain for which to make the
determination.authType
- The key exchange algorithm used.java.security.cert.CertificateException
- If the provided server certificate chain
should not be trusted.@NotNull public java.security.cert.X509Certificate[] getAcceptedIssuers()
getAcceptedIssuers
in interface javax.net.ssl.X509TrustManager