Class LdapClientTrustStoreManager
- java.lang.Object
-
- org.apache.directory.ldap.client.api.LdapClientTrustStoreManager
-
- All Implemented Interfaces:
Serializable
,TrustManager
,X509TrustManager
public final class LdapClientTrustStoreManager extends Object implements X509TrustManager, Serializable
Implement the X509TrustManager interface which will be used during JSSE truststore manager initialisation for LDAP client-to-server communications over TLS/SSL. It is used during certificate validation operations within JSSE. Note: This class allows self-signed certificates to pass the validation checks.- Author:
- Apache Directory Project
- See Also:
- Serialized Form
-
-
Constructor Summary
Constructors Constructor Description LdapClientTrustStoreManager(String trustStoreFile, char[] trustStorePw, String trustStoreFormat, boolean isExamineValidity)
Constructor used by connection configuration utility to load trust store manager.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
checkClientTrusted(X509Certificate[] x509Chain, String authNType)
Determine if client certificate is to be trusted.void
checkServerTrusted(X509Certificate[] x509Chain, String authNType)
Determine if server certificate is to be trusted.X509Certificate[]
getAcceptedIssuers()
Return the list of accepted issuers for this trust manager.
-
-
-
Constructor Detail
-
LdapClientTrustStoreManager
public LdapClientTrustStoreManager(String trustStoreFile, char[] trustStorePw, String trustStoreFormat, boolean isExamineValidity)
Constructor used by connection configuration utility to load trust store manager.- Parameters:
trustStoreFile
- contains name of trust store file.trustStorePw
- contains the password for trust storetrustStoreFormat
- contains the format for trust storeisExamineValidity
- boolean var determines if certificate will be examined for valid dates on load.
-
-
Method Detail
-
checkClientTrusted
public void checkClientTrusted(X509Certificate[] x509Chain, String authNType) throws CertificateException
Determine if client certificate is to be trusted.- Specified by:
checkClientTrusted
in interfaceX509TrustManager
- Parameters:
x509Chain
- The certificate chainauthNType
- The key exchange algorithm being used- Throws:
CertificateException
- If the trustManager cannot be found
-
checkServerTrusted
public void checkServerTrusted(X509Certificate[] x509Chain, String authNType) throws CertificateException
Determine if server certificate is to be trusted.- Specified by:
checkServerTrusted
in interfaceX509TrustManager
- Parameters:
x509Chain
- The certificate chainauthNType
- The key exchange algorithm being used- Throws:
CertificateException
- If the trustManager cannot be found
-
getAcceptedIssuers
public X509Certificate[] getAcceptedIssuers()
Return the list of accepted issuers for this trust manager.- Specified by:
getAcceptedIssuers
in interfaceX509TrustManager
- Returns:
- array of accepted issuers
-
-