Package org.apache.zookeeper.common
Class ZKTrustManager
- java.lang.Object
-
- javax.net.ssl.X509ExtendedTrustManager
-
- org.apache.zookeeper.common.ZKTrustManager
-
- All Implemented Interfaces:
javax.net.ssl.TrustManager
,javax.net.ssl.X509TrustManager
public class ZKTrustManager extends javax.net.ssl.X509ExtendedTrustManager
A custom TrustManager that supports hostname verification via org.apache.http.conn.ssl.DefaultHostnameVerifier. We attempt to perform verification using just the IP address first and if that fails will attempt to perform a reverse DNS lookup and verify using the hostname.
-
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
checkClientTrusted(java.security.cert.X509Certificate[] chain, java.lang.String authType)
void
checkClientTrusted(java.security.cert.X509Certificate[] chain, java.lang.String authType, java.net.Socket socket)
void
checkClientTrusted(java.security.cert.X509Certificate[] chain, java.lang.String authType, javax.net.ssl.SSLEngine engine)
void
checkServerTrusted(java.security.cert.X509Certificate[] chain, java.lang.String authType)
void
checkServerTrusted(java.security.cert.X509Certificate[] chain, java.lang.String authType, java.net.Socket socket)
void
checkServerTrusted(java.security.cert.X509Certificate[] chain, java.lang.String authType, javax.net.ssl.SSLEngine engine)
java.security.cert.X509Certificate[]
getAcceptedIssuers()
-
-
-
Method Detail
-
getAcceptedIssuers
public java.security.cert.X509Certificate[] getAcceptedIssuers()
-
checkClientTrusted
public void checkClientTrusted(java.security.cert.X509Certificate[] chain, java.lang.String authType, java.net.Socket socket) throws java.security.cert.CertificateException
- Specified by:
checkClientTrusted
in classjavax.net.ssl.X509ExtendedTrustManager
- Throws:
java.security.cert.CertificateException
-
checkServerTrusted
public void checkServerTrusted(java.security.cert.X509Certificate[] chain, java.lang.String authType, java.net.Socket socket) throws java.security.cert.CertificateException
- Specified by:
checkServerTrusted
in classjavax.net.ssl.X509ExtendedTrustManager
- Throws:
java.security.cert.CertificateException
-
checkClientTrusted
public void checkClientTrusted(java.security.cert.X509Certificate[] chain, java.lang.String authType, javax.net.ssl.SSLEngine engine) throws java.security.cert.CertificateException
- Specified by:
checkClientTrusted
in classjavax.net.ssl.X509ExtendedTrustManager
- Throws:
java.security.cert.CertificateException
-
checkServerTrusted
public void checkServerTrusted(java.security.cert.X509Certificate[] chain, java.lang.String authType, javax.net.ssl.SSLEngine engine) throws java.security.cert.CertificateException
- Specified by:
checkServerTrusted
in classjavax.net.ssl.X509ExtendedTrustManager
- Throws:
java.security.cert.CertificateException
-
checkClientTrusted
public void checkClientTrusted(java.security.cert.X509Certificate[] chain, java.lang.String authType) throws java.security.cert.CertificateException
- Throws:
java.security.cert.CertificateException
-
checkServerTrusted
public void checkServerTrusted(java.security.cert.X509Certificate[] chain, java.lang.String authType) throws java.security.cert.CertificateException
- Throws:
java.security.cert.CertificateException
-
-