public interface X509KeyManager extends KeyManager
During secure socket negotiations, implentations call methods in this interface to:
Note: the X509ExtendedKeyManager should be used in favor of this class.
Modifier and Type | Method and Description |
---|---|
String |
chooseClientAlias(String[] keyType,
Principal[] issuers,
Socket socket)
Choose an alias to authenticate the client side of a secure
socket given the public key type and the list of
certificate issuer authorities recognized by the peer (if any).
|
String |
chooseServerAlias(String keyType,
Principal[] issuers,
Socket socket)
Choose an alias to authenticate the server side of a secure
socket given the public key type and the list of
certificate issuer authorities recognized by the peer (if any).
|
X509Certificate[] |
getCertificateChain(String alias)
Returns the certificate chain associated with the given alias.
|
String[] |
getClientAliases(String keyType,
Principal[] issuers)
Get the matching aliases for authenticating the client side of a secure
socket given the public key type and the list of
certificate issuer authorities recognized by the peer (if any).
|
PrivateKey |
getPrivateKey(String alias)
Returns the key associated with the given alias.
|
String[] |
getServerAliases(String keyType,
Principal[] issuers)
Get the matching aliases for authenticating the server side of a secure
socket given the public key type and the list of
certificate issuer authorities recognized by the peer (if any).
|
String[] getClientAliases(String keyType, Principal[] issuers)
keyType
- the key algorithm type nameissuers
- the list of acceptable CA issuer subject names,
or null if it does not matter which issuers are used.String chooseClientAlias(String[] keyType, Principal[] issuers, Socket socket)
keyType
- the key algorithm type name(s), ordered
with the most-preferred key type first.issuers
- the list of acceptable CA issuer subject names
or null if it does not matter which issuers are used.socket
- the socket to be used for this connection. This
parameter can be null, which indicates that
implementations are free to select an alias applicable
to any socket.String[] getServerAliases(String keyType, Principal[] issuers)
keyType
- the key algorithm type nameissuers
- the list of acceptable CA issuer subject names
or null if it does not matter which issuers are used.String chooseServerAlias(String keyType, Principal[] issuers, Socket socket)
keyType
- the key algorithm type name.issuers
- the list of acceptable CA issuer subject names
or null if it does not matter which issuers are used.socket
- the socket to be used for this connection. This
parameter can be null, which indicates that
implementations are free to select an alias applicable
to any socket.X509Certificate[] getCertificateChain(String alias)
alias
- the alias namePrivateKey getPrivateKey(String alias)
alias
- the alias name Submit a bug or feature
For further API reference and developer documentation, see Java SE Documentation. That documentation contains more detailed, developer-targeted descriptions, with conceptual overviews, definitions of terms, workarounds, and working code examples.
Copyright © 1993, 2016, Oracle and/or its affiliates. All rights reserved.
DRAFT 9-internal+0-2016-01-26-133437.ivan.openjdk9onspinwait