public interface X509KeyManager
implements KeyManager
javax.net.ssl.X509KeyManager |
Known Indirect Subclasses |
此接口的实例管理使用哪个基于X509证书的密钥对来验证安全套接字的本地端。
在安全套接字协商期间,实现会调用此接口中的方法来:
注意:应该使用X509ExtendedKeyManager来支持这个类。
Public methods |
|
---|---|
abstract String |
chooseClientAlias(String[] keyType, Principal[] issuers, Socket socket) 给定公钥类型和对等方认可的证书颁发者权限列表(如果有的话),选择一个别名来验证安全套接字的客户端。 |
abstract String |
chooseServerAlias(String keyType, Principal[] issuers, Socket socket) 给定公钥类型和对等方认可的证书颁发者权限列表(如果有的话),选择一个别名来验证安全套接字的服务器端。 |
abstract X509Certificate[] |
getCertificateChain(String alias) 返回与给定别名关联的证书链。 |
abstract String[] |
getClientAliases(String keyType, Principal[] issuers) 在给定公钥类型和对等方认可的证书颁发者权限列表(如果有)的情况下,获取用于认证安全套接字的客户端的匹配别名。 |
abstract PrivateKey |
getPrivateKey(String alias) 返回与给定别名关联的键。 |
abstract String[] |
getServerAliases(String keyType, Principal[] issuers) 在给定公钥类型和由对等方认可的证书颁发者权限列表(如果有)的情况下获取用于验证安全套接字的服务器端的匹配别名。 |
String chooseClientAlias (String[] keyType, Principal[] issuers, Socket socket)
给定公钥类型和对等方认可的证书颁发者权限列表(如果有的话),选择一个别名来验证安全套接字的客户端。
Parameters | |
---|---|
keyType |
String : the key algorithm type name(s), ordered with the most-preferred key type first. |
issuers |
Principal : the list of acceptable CA issuer subject names or null if it does not matter which issuers are used. |
socket |
Socket : the socket to be used for this connection. This parameter can be null, which indicates that implementations are free to select an alias applicable to any socket. |
Returns | |
---|---|
String |
the alias name for the desired key, or null if there are no matches. |
String chooseServerAlias (String keyType, Principal[] issuers, Socket socket)
给定公钥类型和对等方认可的证书颁发者权限列表(如果有的话),选择一个别名来验证安全套接字的服务器端。
Parameters | |
---|---|
keyType |
String : the key algorithm type name. |
issuers |
Principal : the list of acceptable CA issuer subject names or null if it does not matter which issuers are used. |
socket |
Socket : the socket to be used for this connection. This parameter can be null, which indicates that implementations are free to select an alias applicable to any socket. |
Returns | |
---|---|
String |
the alias name for the desired key, or null if there are no matches. |
X509Certificate[] getCertificateChain (String alias)
返回与给定别名关联的证书链。
Parameters | |
---|---|
alias |
String : the alias name |
Returns | |
---|---|
X509Certificate[] |
the certificate chain (ordered with the user's certificate first and the root certificate authority last), or null if the alias can't be found. |
String[] getClientAliases (String keyType, Principal[] issuers)
在给定公钥类型和对等方认可的证书颁发者权限列表(如果有)的情况下,获取用于认证安全套接字的客户端的匹配别名。
Parameters | |
---|---|
keyType |
String : the key algorithm type name |
issuers |
Principal : the list of acceptable CA issuer subject names, or null if it does not matter which issuers are used. |
Returns | |
---|---|
String[] |
an array of the matching alias names, or null if there were no matches. |
PrivateKey getPrivateKey (String alias)
返回与给定别名关联的键。
Parameters | |
---|---|
alias |
String : the alias name |
Returns | |
---|---|
PrivateKey |
the requested key, or null if the alias can't be found. |
String[] getServerAliases (String keyType, Principal[] issuers)
在给定公钥类型和由对等方认可的证书颁发者权限列表(如果有)的情况下获取用于验证安全套接字的服务器端的匹配别名。
Parameters | |
---|---|
keyType |
String : the key algorithm type name |
issuers |
Principal : the list of acceptable CA issuer subject names or null if it does not matter which issuers are used. |
Returns | |
---|---|
String[] |
an array of the matching alias names, or null if there were no matches. |