X509KeyManager
interface X509KeyManager : KeyManager
javax.net.ssl.X509KeyManager |
Instances of this interface manage which X509 certificate-based key pairs are used to authenticate the local side of a secure socket.
During secure socket negotiations, implentations call methods in this interface to:
- determine the set of aliases that are available for negotiations based on the criteria presented,
- select the best alias based on the criteria presented, and
- obtain the corresponding key material for given aliases.
Note: the X509ExtendedKeyManager should be used in favor of this class.
Summary
Public methods | |
---|---|
abstract String! |
Choose an alias to authenticate the client side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any). |
abstract String! |
chooseServerAlias(keyType: String!, issuers: Array<Principal!>!, socket: Socket!) Choose an alias to authenticate the server side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any). |
abstract Array<X509Certificate!>! |
getCertificateChain(alias: String!) Returns the certificate chain associated with the given alias. |
abstract Array<String!>! |
getClientAliases(keyType: String!, issuers: Array<Principal!>!) Get the matching aliases for authenticating the client side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any). |
abstract PrivateKey! |
getPrivateKey(alias: String!) Returns the key associated with the given alias. |
abstract Array<String!>! |
getServerAliases(keyType: String!, issuers: Array<Principal!>!) Get the matching aliases for authenticating the server side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any). |
Public methods
chooseClientAlias
abstract fun chooseClientAlias(
keyType: Array<String!>!,
issuers: Array<Principal!>!,
socket: Socket!
): String!
Choose an alias to authenticate the client side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any).
Parameters | |
---|---|
keyType |
Array<String!>!: the key algorithm type name(s), ordered with the most-preferred key type first. |
issuers |
Array<Principal!>!: the list of acceptable CA issuer subject names or null if it does not matter which issuers are used. |
socket |
Socket!: the socket to be used for this connection. This parameter can be null, which indicates that implementations are free to select an alias applicable to any socket. |
Return | |
---|---|
String! |
the alias name for the desired key, or null if there are no matches. |
chooseServerAlias
abstract fun chooseServerAlias(
keyType: String!,
issuers: Array<Principal!>!,
socket: Socket!
): String!
Choose an alias to authenticate the server side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any).
Parameters | |
---|---|
keyType |
String!: the key algorithm type name. |
issuers |
Array<Principal!>!: the list of acceptable CA issuer subject names or null if it does not matter which issuers are used. |
socket |
Socket!: the socket to be used for this connection. This parameter can be null, which indicates that implementations are free to select an alias applicable to any socket. |
Return | |
---|---|
String! |
the alias name for the desired key, or null if there are no matches. |
getCertificateChain
abstract fun getCertificateChain(alias: String!): Array<X509Certificate!>!
Returns the certificate chain associated with the given alias.
Parameters | |
---|---|
alias |
String!: the alias name |
Return | |
---|---|
Array<X509Certificate!>! |
the certificate chain (ordered with the user's certificate first and the root certificate authority last), or null if the alias can't be found. |
getClientAliases
abstract fun getClientAliases(
keyType: String!,
issuers: Array<Principal!>!
): Array<String!>!
Get the matching aliases for authenticating the client side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any).
Parameters | |
---|---|
keyType |
String!: the key algorithm type name |
issuers |
Array<Principal!>!: the list of acceptable CA issuer subject names, or null if it does not matter which issuers are used. |
Return | |
---|---|
Array<String!>! |
an array of the matching alias names, or null if there were no matches. |
getPrivateKey
abstract fun getPrivateKey(alias: String!): PrivateKey!
Returns the key associated with the given alias.
Parameters | |
---|---|
alias |
String!: the alias name |
Return | |
---|---|
PrivateKey! |
the requested key, or null if the alias can't be found. |
getServerAliases
abstract fun getServerAliases(
keyType: String!,
issuers: Array<Principal!>!
): Array<String!>!
Get the matching aliases for authenticating the server side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any).
Parameters | |
---|---|
keyType |
String!: the key algorithm type name |
issuers |
Array<Principal!>!: the list of acceptable CA issuer subject names or null if it does not matter which issuers are used. |
Return | |
---|---|
Array<String!>! |
an array of the matching alias names, or null if there were no matches. |