public final class TrustManagers extends Object
| Modifier and Type | Method and Description |
|---|---|
static X509TrustManager |
checkHostName(String hostNamePattern,
X509TrustManager trustManager)
Wraps the provided
X509TrustManager by adding additional
validation which rejects certificate chains whose subject DN does not
match the specified host name pattern. |
static X509TrustManager |
checkUsingTrustStore(String file)
Creates a new
X509TrustManager which will use the named trust
store file to determine whether to trust a certificate. |
static X509TrustManager |
checkUsingTrustStore(String file,
char[] password,
String format)
Creates a new
X509TrustManager which will use the named trust
store file to determine whether to trust a certificate. |
static X509TrustManager |
checkValidityDates(X509TrustManager trustManager)
Wraps the provided
X509TrustManager by adding additional
validation which rejects certificate chains containing certificates which
have expired or are not yet valid. |
static X509TrustManager |
distrustAll()
Returns an
X509TrustManager which does not trust any
certificates. |
static X509TrustManager |
trustAll()
Returns an
X509TrustManager which trusts all certificates. |
public static X509TrustManager checkHostName(String hostNamePattern, X509TrustManager trustManager)
X509TrustManager by adding additional
validation which rejects certificate chains whose subject DN does not
match the specified host name pattern. The pattern may contain
wild-cards, for example *.example.com.hostNamePattern - A host name pattern which the RDN value contained in
certificate subject DNs must match.trustManager - The trust manager to be wrapped.NullPointerException - If trustManager or hostNamePattern was
null.public static X509TrustManager checkUsingTrustStore(String file) throws GeneralSecurityException, IOException
X509TrustManager which will use the named trust
store file to determine whether to trust a certificate. It will use the
default trust store format for the JVM (e.g. JKS) and will not
use a password to open the trust store.file - The trust store file name.X509TrustManager which will use the named trust
store file to determine whether to trust a certificate.GeneralSecurityException - If the trust store could not be loaded, perhaps due to
incorrect format, or missing algorithms.IOException - If the trust store file could not be found or could not be
read.NullPointerException - If file was null.public static X509TrustManager checkUsingTrustStore(String file, char[] password, String format) throws GeneralSecurityException, IOException
X509TrustManager which will use the named trust
store file to determine whether to trust a certificate. It will use the
provided trust store format and password.file - The trust store file name.password - The trust store password, which may be null.format - The trust store format, which may be null to indicate
that the default trust store format for the JVM (e.g.
JKS) should be used.X509TrustManager which will use the named trust
store file to determine whether to trust a certificate.GeneralSecurityException - If the trust store could not be loaded, perhaps due to
incorrect format, or missing algorithms.IOException - If the trust store file could not be found or could not be
read.NullPointerException - If file was null.public static X509TrustManager checkValidityDates(X509TrustManager trustManager)
X509TrustManager by adding additional
validation which rejects certificate chains containing certificates which
have expired or are not yet valid.trustManager - The trust manager to be wrapped.NullPointerException - If trustManager was null.public static X509TrustManager distrustAll()
X509TrustManager which does not trust any
certificates.X509TrustManager which does not trust any
certificates.public static X509TrustManager trustAll()
X509TrustManager which trusts all certificates.X509TrustManager which trusts all certificates.Copyright © 2011-2015 ForgeRock AS. All Rights Reserved.