Class LdapClientTrustStoreManager

  • All Implemented Interfaces:
    Serializable, TrustManager, X509TrustManager

    public final class LdapClientTrustStoreManager
    extends Object
    implements X509TrustManager, Serializable
    Implement the X509TrustManager interface which will be used during JSSE truststore manager initialization for LDAP client-to-server communications over TLS/SSL. It is used during certificate validation operations within JSSE.

    There are the controlling fortress.properties:

    • trust.store : contains the name of the truststore (must be fully qualified iff trust.store.onclasspath=false
    • trust.store.password : contains the pw for the specified truststore
    • trust.onclasspath : if false name must be fully qualified, otherwise file must be on classpath as named
    Note: This class allows self-signed certificates to pass the validation checks, if its root certificate is found in the truststore.
    Author:
    Apache Directory Project
    See Also:
    Serialized Form
    • Constructor Detail

      • LdapClientTrustStoreManager

        public LdapClientTrustStoreManager​(String trustStoreFile,
                                           char[] trustStorePw,
                                           String trustStoreFormat,
                                           boolean isExamineValidity)
        Constructor used by connection configuration utility to load trust store manager.
        Parameters:
        trustStoreFile - contains name of trust store file.
        trustStorePw - contains the password for trust store
        trustStoreFormat - contains the format for trust store
        isExamineValidity - boolean var determines if certificate will be examined for valid dates on load.