org.apache.tomcat.util.net.jsse
public final class JSSEKeyManager extends java.lang.Object implements javax.net.ssl.X509KeyManager
Constructor and Description |
---|
JSSEKeyManager(javax.net.ssl.X509KeyManager mgr,
java.lang.String serverKeyAlias)
Constructor.
|
Modifier and Type | Method and Description |
---|---|
java.lang.String |
chooseClientAlias(java.lang.String[] keyType,
java.security.Principal[] issuers,
java.net.Socket socket)
Choose an alias to authenticate the client side of a secure socket,
given the public key type and the list of certificate issuer authorities
recognized by the peer (if any).
|
java.lang.String |
chooseServerAlias(java.lang.String keyType,
java.security.Principal[] issuers,
java.net.Socket socket)
Returns this key manager's server key alias that was provided in the
constructor.
|
java.security.cert.X509Certificate[] |
getCertificateChain(java.lang.String alias)
Returns the certificate chain associated with the given alias.
|
java.lang.String[] |
getClientAliases(java.lang.String keyType,
java.security.Principal[] issuers)
Get the matching aliases for authenticating the client side of a secure
socket, given the public key type and the list of certificate issuer
authorities recognized by the peer (if any).
|
java.security.PrivateKey |
getPrivateKey(java.lang.String alias)
Returns the key associated with the given alias.
|
java.lang.String[] |
getServerAliases(java.lang.String keyType,
java.security.Principal[] issuers)
Get the matching aliases for authenticating the server side of a secure
socket, given the public key type and the list of certificate issuer
authorities recognized by the peer (if any).
|
public JSSEKeyManager(javax.net.ssl.X509KeyManager mgr, java.lang.String serverKeyAlias)
mgr
- The X509KeyManager used as a delegateserverKeyAlias
- The alias name of the server's keypair and
supporting certificate chainpublic java.lang.String chooseClientAlias(java.lang.String[] keyType, java.security.Principal[] issuers, java.net.Socket socket)
chooseClientAlias
in interface javax.net.ssl.X509KeyManager
keyType
- The key algorithm type name(s), ordered with the
most-preferred key type firstissuers
- The list of acceptable CA issuer subject names, or null
if it does not matter which issuers are usedsocket
- The socket to be used for this connection. This parameter
can be null, in which case this method will return the most generic
alias to usepublic java.lang.String chooseServerAlias(java.lang.String keyType, java.security.Principal[] issuers, java.net.Socket socket)
chooseServerAlias
in interface javax.net.ssl.X509KeyManager
keyType
- The key algorithm type name (ignored)issuers
- The list of acceptable CA issuer subject names, or null
if it does not matter which issuers are used (ignored)socket
- The socket to be used for this connection. This parameter
can be null, in which case this method will return the most generic
alias to use (ignored)public java.security.cert.X509Certificate[] getCertificateChain(java.lang.String alias)
getCertificateChain
in interface javax.net.ssl.X509KeyManager
alias
- The alias namepublic java.lang.String[] getClientAliases(java.lang.String keyType, java.security.Principal[] issuers)
getClientAliases
in interface javax.net.ssl.X509KeyManager
keyType
- The key algorithm type nameissuers
- The list of acceptable CA issuer subject names, or null
if it does not matter which issuers are usedpublic java.lang.String[] getServerAliases(java.lang.String keyType, java.security.Principal[] issuers)
getServerAliases
in interface javax.net.ssl.X509KeyManager
keyType
- The key algorithm type nameissuers
- The list of acceptable CA issuer subject names, or null
if it does not matter which issuers are usedpublic java.security.PrivateKey getPrivateKey(java.lang.String alias)
getPrivateKey
in interface javax.net.ssl.X509KeyManager
alias
- The alias nameCopyright © 2000-2013 Apache Software Foundation. All Rights Reserved.