Name
X509KeyManager
Synopsis
This interface is a KeyManager for working with X.509 certificates. An X509KeyManager is used during the SSL handshake by a peer that authenticates itself by providing an X.509 certificate chain to the remote host. This is usually done on the server side of the SSL connection, and can be done on the client side as well, although that is uncommon. Obtain an X509KeyManager object either by implementing your own or from a KeyManagerFactory created with an algorithm of “SunX509”.
Applications do not call the methods of an X509KeyManager themselves. Instead, they simply supply an appropriate X509KeyManager object to the SSLContext object that is responsible for setting up SSL connections. When the system needs to authenticate itself during an SSL handshake, it calls various methods of the key manager object to obtain the information it needs.
An X509KeyManager retrieves keys and certificate chains from the KeyStore object that was passed to the init( ) method of the KeyManagerFactory object from which it was created. getPrivateKey( ) and getCertificateChain( ) return the private key and the certificate chain for a specified alias. The other methods are called to list all aliases in the keystore or to choose one alias from the keystore that matches the specified key type and certificate authority criteria. In this way, an X509KeyManager can choose a certificate chain (and its corresponding key) based on the types of keys and the list of certificate authorities recognized ...
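The following added example (not code from the original text) shows both ways of obtaining an X509KeyManager at once: it takes the one produced by a “SunX509” KeyManagerFactory and wraps it in a custom implementation that only ever offers a single, pinned server alias, then supplies that to an SSLContext. The class names `PinnedAliasDemo` and `PinnedAlias`, the PKCS12 keystore type, and the three command-line arguments (keystore path, password, alias) are assumptions made for illustration.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.net.Socket;
import java.security.KeyStore;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.X509KeyManager;

public class PinnedAliasDemo {                       // hypothetical name
    // Delegates to the factory-made manager but exposes exactly one alias,
    // so no other key in the keystore can be selected during a handshake.
    static final class PinnedAlias implements X509KeyManager {
        private final X509KeyManager d;
        private final String alias;
        PinnedAlias(X509KeyManager d, String alias) { this.d = d; this.alias = alias; }
        public String chooseServerAlias(String keyType, Principal[] issuers, Socket s) {
            // Offer the pinned alias only if it matches the key type and CA criteria.
            String[] ok = d.getServerAliases(keyType, issuers);
            return ok != null && Arrays.asList(ok).contains(alias) ? alias : null;
        }
        public String[] getServerAliases(String t, Principal[] i) {
            return chooseServerAlias(t, i, null) == null ? null : new String[] { alias };
        }
        // This peer never authenticates itself as a client.
        public String chooseClientAlias(String[] t, Principal[] i, Socket s) { return null; }
        public String[] getClientAliases(String t, Principal[] i) { return null; }
        public X509Certificate[] getCertificateChain(String a) {
            return alias.equals(a) ? d.getCertificateChain(a) : null;
        }
        public PrivateKey getPrivateKey(String a) {
            return alias.equals(a) ? d.getPrivateKey(a) : null;
        }
    }

    // Assumed usage: java PinnedAliasDemo <keystore.p12> <password> <alias>
    public static void main(String[] args) throws Exception {
        char[] pw = args[1].toCharArray();
        KeyStore ks = KeyStore.getInstance("PKCS12");
        try (InputStream in = new FileInputStream(args[0])) { ks.load(in, pw); }
        KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
        kmf.init(ks, pw);                            // keystore handed to the factory
        X509KeyManager base = null;
        for (KeyManager km : kmf.getKeyManagers())
            if (km instanceof X509KeyManager) { base = (X509KeyManager) km; break; }
        if (base == null) throw new IllegalStateException("no X509KeyManager returned");
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(new KeyManager[] { new PinnedAlias(base, args[2]) }, null, null);
        System.out.println("Server sockets from this context present alias: " + args[2]);
    }
}
```

Server sockets created from `ctx.getServerSocketFactory()` will call `chooseServerAlias()` during the handshake; the application itself never invokes the key manager methods.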