JavaXT
KeyManager Class

Custom implementation of an X509KeyManager. This class is used to support keystores with multiple SSL certificates. By default, the standard Java X509KeyManager and the SunX509 implementation will pick the first alias they find for which there is a private key and a key type that matches the chosen cipher suite (typically RSA). Instead, this class tries to find an alias in the keystore that best matches the requested hostname found in the SSL handshake. This assumes that the keystore aliases contain hostnames (e.g. "www.acme.com") or top level domain names (e.g. "acme.com").

In addition, this class requires a mapping of aliases/hostnames to IP addresses on the host server. This is required for the chooseServerAlias() method, which is called early in the SSL handshake process (well before the hostname is known). When the chooseServerAlias() method is called, all we have is an IP address to identify the alias, so a hashmap is used to tie a domain name to an IP address.
Constructors

Public Methods

chooseEngineServerAlias( String keyType, Principal[] issuers, SSLEngine engine ) returns String
Returns an alias in the keystore that best matches the requested hostname found in the SSL handshake.

chooseServerAlias( String keyType, Principal[] issuers, Socket socket ) returns String
Returns an alias that best matches the given HTTP socket.

getPrivateKey( String alias ) returns PrivateKey
Returns the private key from the keystore for a given alias.

getCertificateChain( String alias ) returns X509Certificate[]
Returns the x509 certificate chain from the keystore for a given alias.

chooseClientAlias( String keyTypes[], Principal[] issuers, Socket socket ) returns String

chooseEngineClientAlias( String[] strings, Principal[] prncpls, SSLEngine ssle ) returns String
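One way to implement the hostname-to-alias matching described in the class overview, as an added example that is not JavaXT's own code. The class name AliasMatcher, the method bestAlias and the matching rule (exact match first, then the longest parent-domain alias on a label boundary) are assumptions made for illustration.

```java
import java.util.Arrays;
import java.util.Collection;
import java.util.List;
import java.util.Locale;

// Added example, not JavaXT code: AliasMatcher and bestAlias are hypothetical names.
public class AliasMatcher {

    // Returns the keystore alias that best matches the requested hostname,
    // or null when nothing matches (the caller decides the fallback).
    // An exact match wins; otherwise the longest alias that is a parent
    // domain of the hostname is chosen.
    public static String bestAlias(String hostname, Collection<String> aliases) {
        if (hostname == null || hostname.isEmpty()) return null;
        String host = normalize(hostname);
        String best = null;
        int bestLength = -1;
        for (String alias : aliases) {
            String name = normalize(alias);
            if (name.isEmpty()) continue;
            if (host.equals(name)) return alias;
            // Require a dot before the suffix so "evilacme.com" never matches "acme.com".
            if (host.endsWith("." + name) && name.length() > bestLength) {
                best = alias;
                bestLength = name.length();
            }
        }
        return best;
    }

    // Hostnames are case-insensitive and may carry a trailing root dot.
    private static String normalize(String s) {
        String t = s.trim().toLowerCase(Locale.ROOT);
        return t.endsWith(".") ? t.substring(0, t.length() - 1) : t;
    }

    public static void main(String[] args) {
        // Constructed sample aliases, as they might appear in a multi-certificate keystore.
        List<String> aliases = Arrays.asList("acme.com", "www.acme.com", "example.org");
        String[] hosts = {"www.acme.com", "api.acme.com", "WWW.ACME.COM.", "evilacme.com", "unknown.net"};
        for (String host : hosts) {
            System.out.println(host + " -> " + bestAlias(host, aliases));
        }
    }
}
```

A parent-domain match only helps if the certificate stored under that alias actually covers the requested name, for example through a wildcard or subject alternative name; otherwise clients will reject it during hostname verification.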