KeyManager
X509ExtendedKeyManager
public interface X509KeyManager extends KeyManager
During secure socket negotiations, implementations call methods in this interface to:
Note: the X509ExtendedKeyManager should be used in favor of this class.
Modifier and Type | Method | Description |
---|---|---|
String |
chooseClientAlias |
Choose an alias to authenticate the client side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any). |
String |
chooseServerAlias |
Choose an alias to authenticate the server side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any). |
X509Certificate[] |
getCertificateChain |
Returns the certificate chain associated with the given alias. |
String[] |
getClientAliases |
Get the matching aliases for authenticating the client side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any). |
PrivateKey |
getPrivateKey |
Returns the key associated with the given alias. |
String[] |
getServerAliases |
Get the matching aliases for authenticating the server side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any). |
String[] getClientAliases(String keyType, Principal[] issuers)
keyType
- the key algorithm type nameissuers
- the list of acceptable CA issuer subject names, or null if it does not matter which issuers are used.String chooseClientAlias(String[] keyType, Principal[] issuers, Socket socket)
keyType
- the key algorithm type name(s), ordered with the most-preferred key type first.issuers
- the list of acceptable CA issuer subject names or null if it does not matter which issuers are used.socket
- the socket to be used for this connection. This parameter can be null, which indicates that implementations are free to select an alias applicable to any socket.String[] getServerAliases(String keyType, Principal[] issuers)
keyType
- the key algorithm type nameissuers
- the list of acceptable CA issuer subject names or null if it does not matter which issuers are used.String chooseServerAlias(String keyType, Principal[] issuers, Socket socket)
keyType
- the key algorithm type name.issuers
- the list of acceptable CA issuer subject names or null if it does not matter which issuers are used.socket
- the socket to be used for this connection. This parameter can be null, which indicates that implementations are free to select an alias applicable to any socket.X509Certificate[] getCertificateChain(String alias)
alias
- the alias namePrivateKey getPrivateKey(String alias)
alias
- the alias name
© 1993, 2023, Oracle and/or its affiliates. All rights reserved.
Documentation extracted from Debian's OpenJDK Development Kit package.
Licensed under the GNU General Public License, version 2, with the Classpath Exception.
Various third party code in OpenJDK is licensed under different licenses (see Debian package).
Java and OpenJDK are trademarks or registered trademarks of Oracle and/or its affiliates.
https://docs.oracle.com/en/java/javase/21/docs/api/java.base/javax/net/ssl/X509KeyManager.html