This interface is a
KeyManager for working with X.509 certificates. An
X509KeyManager is used during the SSL handshake by
a peer that authenticates itself by providing an X.509 certificate
chain to the remote host. This is usually done on the server side of
the SSL connection, and can be done on the client-side as well,
although that is uncommon. Obtain an
X509KeyManager object either by implementing your
own or from a
KeyManagerFactory created with an
algorithm of “SunX509”.
Applications do not call the methods of an
X509KeyManager themselves. Instead, they simply
supply an appropriate
X509KeyManager object to the
SSLContext object that is responsible for setting
up SSL connections. When the system needs to authenticate itself
during an SSL handshake, it calls various methods of the key manager
object to obtain the information in needs.
X509KeyManager retrieves keys and certificae
chains from the
KeyStore object that was passed to
init( ) method of the
KeyManagerFactory object from which it was
getPrivateKey( ) and
getCertificateChain( ) return the private key and
the certificate chain for a specified alias. The other methods are
called to list all aliases in the keystore or to choose one alias
from the keystore that matches the specified keytype and certificate
authority criteria. In this way, a
X509KeyManager can choose a certificate chain (and it corresponding key) based on the types of keys and the list of certificate authorities recognized ...
Get Java in a Nutshell, 5th Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.