org.apache.tomcat.util.net.jsse
public final class JSSEKeyManager extends Object implements X509KeyManager
Constructor Summary | |
---|---|
JSSEKeyManager(X509KeyManager mgr, String serverKeyAlias)
Constructor.
|
Method Summary | |
---|---|
String | chooseClientAlias(String[] keyType, Principal[] issuers, Socket socket)
Choose an alias to authenticate the client side of a secure socket,
given the public key type and the list of certificate issuer authorities
recognized by the peer (if any).
|
String | chooseServerAlias(String keyType, Principal[] issuers, Socket socket)
Returns this key manager's server key alias that was provided in the
constructor.
|
X509Certificate[] | getCertificateChain(String alias)
Returns the certificate chain associated with the given alias.
|
String[] | getClientAliases(String keyType, Principal[] issuers)
Get the matching aliases for authenticating the client side of a secure
socket, given the public key type and the list of certificate issuer
authorities recognized by the peer (if any).
|
PrivateKey | getPrivateKey(String alias)
Returns the key associated with the given alias.
|
String[] | getServerAliases(String keyType, Principal[] issuers)
Get the matching aliases for authenticating the server side of a secure
socket, given the public key type and the list of certificate issuer
authorities recognized by the peer (if any).
|
Parameters: mgr The X509KeyManager used as a delegate serverKeyAlias The alias name of the server's keypair and supporting certificate chain
Parameters: keyType The key algorithm type name(s), ordered with the most-preferred key type first issuers The list of acceptable CA issuer subject names, or null if it does not matter which issuers are used socket The socket to be used for this connection. This parameter can be null, in which case this method will return the most generic alias to use
Returns: The alias name for the desired key, or null if there are no matches
Parameters: keyType The key algorithm type name (ignored) issuers The list of acceptable CA issuer subject names, or null if it does not matter which issuers are used (ignored) socket The socket to be used for this connection. This parameter can be null, in which case this method will return the most generic alias to use (ignored)
Returns: Alias name for the desired key
Parameters: alias The alias name
Returns: Certificate chain (ordered with the user's certificate first and the root certificate authority last), or null if the alias can't be found
Parameters: keyType The key algorithm type name issuers The list of acceptable CA issuer subject names, or null if it does not matter which issuers are used
Returns: Array of the matching alias names, or null if there were no matches
Parameters: alias The alias name
Returns: The requested key, or null if the alias can't be found
Parameters: keyType The key algorithm type name issuers The list of acceptable CA issuer subject names, or null if it does not matter which issuers are used
Returns: Array of the matching alias names, or null if there were no matches