-
- All Superinterfaces:
- KeyManager
- All Known Implementing Classes:
- X509ExtendedKeyManager
public interface X509KeyManager extends KeyManager
Instances of this interface manage which X509 certificate-based key pairs are used to authenticate the local side of a secure socket.During secure socket negotiations, implentations call methods in this interface to:
- determine the set of aliases that are available for negotiations based on the criteria presented,
- select the
best alias based on the criteria presented, and - obtain the corresponding key material for given aliases.
Note: the X509ExtendedKeyManager should be used in favor of this class.
- Since:
- 1.4
-
-
Method Summary
Methods Modifier and Type Method and Description String
chooseClientAlias(String[] keyType, Principal[] issuers, Socket socket)
Choose an alias to authenticate the client side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any).String
chooseServerAlias(String keyType, Principal[] issuers, Socket socket)
Choose an alias to authenticate the server side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any).X509Certificate[]
getCertificateChain(String alias)
Returns the certificate chain associated with the given alias.String[]
getClientAliases(String keyType, Principal[] issuers)
Get the matching aliases for authenticating the client side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any).PrivateKey
getPrivateKey(String alias)
Returns the key associated with the given alias.String[]
getServerAliases(String keyType, Principal[] issuers)
Get the matching aliases for authenticating the server side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any).
-
-
-
Method Detail
-
getClientAliases
String[] getClientAliases(String keyType, Principal[] issuers)
Get the matching aliases for authenticating the client side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any).- Parameters:
keyType
- the key algorithm type nameissuers
- the list of acceptable CA issuer subject names, or null if it does not matter which issuers are used.- Returns:
- an array of the matching alias names, or null if there were no matches.
-
chooseClientAlias
String chooseClientAlias(String[] keyType, Principal[] issuers, Socket socket)
Choose an alias to authenticate the client side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any).- Parameters:
keyType
- the key algorithm type name(s), ordered with the most-preferred key type first.issuers
- the list of acceptable CA issuer subject names or null if it does not matter which issuers are used.socket
- the socket to be used for this connection. This parameter can be null, which indicates that implementations are free to select an alias applicable to any socket.- Returns:
- the alias name for the desired key, or null if there are no matches.
-
getServerAliases
String[] getServerAliases(String keyType, Principal[] issuers)
Get the matching aliases for authenticating the server side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any).- Parameters:
keyType
- the key algorithm type nameissuers
- the list of acceptable CA issuer subject names or null if it does not matter which issuers are used.- Returns:
- an array of the matching alias names, or null if there were no matches.
-
chooseServerAlias
String chooseServerAlias(String keyType, Principal[] issuers, Socket socket)
Choose an alias to authenticate the server side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any).- Parameters:
keyType
- the key algorithm type name.issuers
- the list of acceptable CA issuer subject names or null if it does not matter which issuers are used.socket
- the socket to be used for this connection. This parameter can be null, which indicates that implementations are free to select an alias applicable to any socket.- Returns:
- the alias name for the desired key, or null if there are no matches.
-
getCertificateChain
X509Certificate[] getCertificateChain(String alias)
Returns the certificate chain associated with the given alias.- Parameters:
alias
- the alias name- Returns:
- the certificate chain (ordered with the user's certificate first and the root certificate authority last), or null if the alias can't be found.
-
getPrivateKey
PrivateKey getPrivateKey(String alias)
Returns the key associated with the given alias.- Parameters:
alias
- the alias name- Returns:
- the requested key, or null if the alias can't be found.
-
-
Deutsche Übersetzung
Sie haben gebeten, diese Seite auf Deutsch zu besuchen. Momentan ist nur die Oberfläche übersetzt, aber noch nicht der gesamte Inhalt.Wenn Sie mir bei Übersetzungen helfen wollen, ist Ihr Beitrag willkommen. Alles, was Sie tun müssen, ist, sich auf der Website zu registrieren und mir eine Nachricht zu schicken, in der Sie gebeten werden, Sie der Gruppe der Übersetzer hinzuzufügen, die Ihnen die Möglichkeit gibt, die gewünschten Seiten zu übersetzen. Ein Link am Ende jeder übersetzten Seite zeigt an, dass Sie der Übersetzer sind und einen Link zu Ihrem Profil haben.
Vielen Dank im Voraus.
Dokument erstellt 11/06/2005, zuletzt geändert 04/03/2020
Quelle des gedruckten Dokuments:https://www.gaudry.be/de/java-api-rf-javax/net/ssl/x509keymanager.html
Die Infobro ist eine persönliche Seite, deren Inhalt in meiner alleinigen Verantwortung liegt. Der Text ist unter der CreativeCommons-Lizenz (BY-NC-SA) verfügbar. Weitere Informationen auf die Nutzungsbedingungen und dem Autor.
Referenzen
Diese Verweise und Links verweisen auf Dokumente, die während des Schreibens dieser Seite konsultiert wurden, oder die zusätzliche Informationen liefern können, aber die Autoren dieser Quellen können nicht für den Inhalt dieser Seite verantwortlich gemacht werden.
Der Autor Diese Website ist allein dafür verantwortlich, wie die verschiedenen Konzepte und Freiheiten, die mit den Nachschlagewerken gemacht werden, hier dargestellt werden. Denken Sie daran, dass Sie mehrere Quellinformationen austauschen müssen, um das Risiko von Fehlern zu reduzieren.