X509TrustManagerExtensions

Kotlin |Java

open class X509TrustManagerExtensions

kotlin.Any
↳	android.net.http.X509TrustManagerExtensions

X509TrustManager wrapper exposing Android-added features.

The checkServerTrusted method allows callers to perform additional verification of certificate chains after they have been successfully verified by the platform.

Summary

Public constructors
`X509TrustManagerExtensions(tm: X509TrustManager!)` Constructs a new X509TrustManagerExtensions wrapper.

Public methods
open MutableList<X509Certificate!>!	`checkServerTrusted(chain: Array<X509Certificate!>!, authType: String!, host: String!)` Verifies the given certificate chain.
open Boolean	`isSameTrustConfiguration(hostname1: String!, hostname2: String!)` Returns `true` if the TrustManager uses the same trust configuration for the provided hostnames.
open Boolean	`isUserAddedCertificate(cert: X509Certificate!)` Checks whether a CA certificate is added by an user.

Public constructors

X509TrustManagerExtensions

Added in API level 17

X509TrustManagerExtensions(tm: X509TrustManager!)

Constructs a new X509TrustManagerExtensions wrapper.

Parameters
`tm`	X509TrustManager!: A `X509TrustManager` as returned by TrustManagerFactory.getInstance();

Exceptions
`java.lang.IllegalArgumentException`	If tm is an unsupported TrustManager type.

Public methods

checkServerTrusted

Added in API level 17

open fun checkServerTrusted(
    chain: Array<X509Certificate!>!, 
    authType: String!, 
    host: String!
): MutableList<X509Certificate!>!

Verifies the given certificate chain.

See X509TrustManager#checkServerTrusted(X509Certificate[], String) for a description of the chain and authType parameters. The final parameter, host, should be the hostname of the server.

Return
`MutableList<X509Certificate!>!`	the properly ordered chain used for verification as a list of X509Certificates.

Exceptions
`java.security.cert.CertificateException`	if the chain does not verify correctly.

isSameTrustConfiguration

Added in API level 28

open fun isSameTrustConfiguration(
    hostname1: String!, 
    hostname2: String!
): Boolean

Returns true if the TrustManager uses the same trust configuration for the provided hostnames.

isUserAddedCertificate

Added in API level 21

open fun isUserAddedCertificate(cert: X509Certificate!): Boolean

Checks whether a CA certificate is added by an user.

Since X509TrustManager#checkServerTrusted may allow its parameter chain to chain up to user-added CA certificates, this method can be used to perform additional policies for user-added CA certificates.

Return
`Boolean`	`true` to indicate that the certificate authority exists in the user added certificate store, `false` otherwise.