File Doc Category Size Date Package
EasyX509TrustManager.java API Doc Example 4147 Sun Dec 05 23:04:44 GMT 2004 org.apache.commons.httpclient.contrib.ssl

EasyX509TrustManager

java.lang.Object

public class EasyX509TrustManager extends Object implements com.sun.net.ssl.X509TrustManager

EasyX509TrustManager unlike default {@link X509TrustManager} accepts self-signed certificates.

This trust manager SHOULD NOT be used for productive systems due to security reasons, unless it is a concious decision and you are perfectly aware of security implications of accepting self-signed certificates

author: Adrian Sutton
author: Oleg Kalnichevski DISCLAIMER: HttpClient developers DO NOT actively support this component. The component is provided as a reference material, which may be inappropriate to be used without additional customization.

Fields Summary
private com.sun.net.ssl.X509TrustManager
standardTrustManager
private static final Log
LOG
Log object for this class.
Constructors Summary
public EasyX509TrustManager(KeyStore keystore)
Constructor for EasyX509TrustManager.
super(); TrustManagerFactory factory = TrustManagerFactory.getInstance("SunX509"); factory.init(keystore); TrustManager[] trustmanagers = factory.getTrustManagers(); if (trustmanagers.length == 0) { throw new NoSuchAlgorithmException("SunX509 trust manager not supported"); } this.standardTrustManager = (X509TrustManager)trustmanagers[0];
Methods Summary
public java.security.cert.X509Certificate[] getAcceptedIssuers()
see
com.sun.net.ssl.X509TrustManager#getAcceptedIssuers()
return this.standardTrustManager.getAcceptedIssuers();
public boolean isClientTrusted(java.security.cert.X509Certificate[] certificates)
see
com.sun.net.ssl.X509TrustManager#isClientTrusted(X509Certificate[])
return this.standardTrustManager.isClientTrusted(certificates);
public boolean isServerTrusted(java.security.cert.X509Certificate[] certificates)
see
com.sun.net.ssl.X509TrustManager#isServerTrusted(X509Certificate[])
if ((certificates != null) && LOG.isDebugEnabled()) { LOG.debug("Server certificate chain:"); for (int i = 0; i < certificates.length; i++) { LOG.debug("X509Certificate[" + i + "]=" + certificates[i]); } } if ((certificates != null) && (certificates.length == 1)) { X509Certificate certificate = certificates[0]; try { certificate.checkValidity(); } catch (CertificateException e) { LOG.error(e.toString()); return false; } return true; } else { return this.standardTrustManager.isServerTrusted(certificates); }