File Doc Category Size Date Package
X509HostnameVerifier.java API Doc Android 1.5 API 3536 Wed May 06 22:41:10 BST 2009 org.apache.http.conn.ssl

X509HostnameVerifier

public interface X509HostnameVerifier implements HostnameVerifier

Interface for checking if a hostname matches the names stored inside the server's X.509 certificate. Implements javax.net.ssl.HostnameVerifier, but we don't actually use that interface. Instead we added some methods that take String parameters (instead of javax.net.ssl.HostnameVerifier's SSLSession). JUnit is a lot easier this way! :-)

We provide the HostnameVerifier.DEFAULT, HostnameVerifier.STRICT, and HostnameVerifier.ALLOW_ALL implementations. But feel free to define your own implementation!

Inspired by Sebastian Hauer's original StrictSSLProtocolSocketFactory in the HttpClient "contrib" repository.

author: Julius Davies
author: Sebastian Hauer
since: 4.0 (8-Dec-2006)

Fields Summary
Constructors Summary
Methods Summary
public boolean verify(java.lang.String host, javax.net.ssl.SSLSession session)
public void verify(java.lang.String host, javax.net.ssl.SSLSocket ssl)
public void verify(java.lang.String host, java.security.cert.X509Certificate cert)
public void verify(java.lang.String host, java.lang.String[] cns, java.lang.String[] subjectAlts)
Checks to see if the supplied hostname matches any of the supplied CNs or "DNS" Subject-Alts. Most implementations only look at the first CN, and ignore any additional CNs. Most implementations do look at all of the "DNS" Subject-Alts. The CNs or Subject-Alts may contain wildcards according to RFC 2818.
param
cns CN fields, in order, as extracted from the X.509 certificate.
param
subjectAlts Subject-Alt fields of type 2 ("DNS"), as extracted from the X.509 certificate.
param
host The hostname to verify.
throws
SSLException If verification failed.