
Interface iaik.security.ssl.TrustDecider

public interface TrustDecider
This interface declares abstract methods that let the user implement their own policy for trusting or rejecting a certificate sent by a peer.

See Also:
DefaultTrustDecider

Method Index

 o getAcceptedCAs()
Get the accepted CAs from the TrustDecider.
 o isTrustedPeer(X509Certificate[])
Decides if the peer certificate is trusted or not.

Methods

 o isTrustedPeer
 public abstract boolean isTrustedPeer(X509Certificate certList[])
Decides whether the peer certificate is trusted. The handshaker calls this method with the certificate chain sent by the peer, and the trust decider decides whether that certificate is trusted. If the trust decider rejects the certificate, an SSLException "Untrusted Certificate!" is thrown and the connection is closed.

To set your own TrustDecider, use the method SSLContext.setTrustDecider.

Parameters:
certList - the certificate list of the peer or null if the peer has no certificate
Returns:
true if the peer is trusted or false otherwise
 o getAcceptedCAs
 public abstract Name[] getAcceptedCAs()
Get the accepted CAs from the TrustDecider. If a TrustDecider is specified in the SSLContext of an SSL server socket, a certificate request message is sent to the client. The certificate request message also includes the Distinguished Names (X.500) of the accepted certification authorities, which can be specified here.

Returns:
an array with the names of the accepted CAs
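
The following implementation of both methods is an added example, not code from IAIK or from this documentation page. It accepts a peer only if its chain leads to a single pinned CA certificate and fails closed on a null or empty chain. Assumptions: X509Certificate is iaik.x509.X509Certificate and extends java.security.cert.X509Certificate, Name is iaik.asn1.structures.Name and is what getSubjectDN() returns, and certList[0] is the peer's own certificate; the class name PinnedCATrustDecider is hypothetical.

```java
import java.util.Date;
import iaik.asn1.structures.Name;     // assumed package; the page only says "Name"
import iaik.security.ssl.TrustDecider;
import iaik.x509.X509Certificate;     // assumed package; the page only says "X509Certificate"

/** Hypothetical example: trust a peer only if its chain ends at one pinned CA. */
public class PinnedCATrustDecider implements TrustDecider {

    private final X509Certificate pinnedCA;   // trust anchor loaded by the application

    public PinnedCATrustDecider(X509Certificate pinnedCA) {
        this.pinnedCA = pinnedCA;
    }

    public boolean isTrustedPeer(X509Certificate[] certList) {
        // null means the peer sent no certificate: fail closed.
        if (certList == null || certList.length == 0) return false;
        try {
            Date now = new Date();
            pinnedCA.checkValidity(now);
            // Assumed order: certList[0] is the peer, each later entry issued the one before.
            for (int i = 0; i < certList.length; i++) {
                certList[i].checkValidity(now);             // throws if expired or not yet valid
                if (i + 1 < certList.length) {
                    X509Certificate issuer = certList[i + 1];
                    // An issuer must be a CA; an end-entity certificate may not sign others.
                    if (issuer.getBasicConstraints() < 0) return false;
                    if (!certList[i].getIssuerDN().equals(issuer.getSubjectDN())) return false;
                    certList[i].verify(issuer.getPublicKey());   // throws on a bad signature
                }
            }
            // The last certificate must be the pinned CA itself or be signed by it.
            X509Certificate top = certList[certList.length - 1];
            if (!top.getIssuerDN().equals(pinnedCA.getSubjectDN())) return false;
            top.verify(pinnedCA.getPublicKey());
            return true;
        } catch (Exception e) {
            // Any validity, signature or parsing failure rejects the peer.
            return false;
        }
    }

    public Name[] getAcceptedCAs() {
        // Sent to the client in the certificate request message of a server socket.
        // The cast assumes IAIK certificates return a Name from getSubjectDN().
        return new Name[] { (Name) pinnedCA.getSubjectDN() };
    }
}
```

This example does not check revocation, key usage or the peer's host name; a production policy would add those checks before returning true.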
