public interface X509KeyManager extends KeyManager
During secure socket negotiations, implentations call methods in this interface to:
Note: the X509ExtendedKeyManager should be used in favor of this class.
Modifier and Type | Method | Description |
---|---|---|
String |
chooseClientAlias (String[] keyType,
Principal[] issuers,
Socket socket) |
Choose an alias to authenticate the client side of a secure
socket given the public key type and the list of
certificate issuer authorities recognized by the peer (if any).
|
String |
chooseServerAlias (String keyType,
Principal[] issuers,
Socket socket) |
Choose an alias to authenticate the server side of a secure
socket given the public key type and the list of
certificate issuer authorities recognized by the peer (if any).
|
X509Certificate[] |
getCertificateChain (String alias) |
Returns the certificate chain associated with the given alias.
|
String[] |
getClientAliases (String keyType,
Principal[] issuers) |
Get the matching aliases for authenticating the client side of a secure
socket given the public key type and the list of
certificate issuer authorities recognized by the peer (if any).
|
PrivateKey |
getPrivateKey (String alias) |
Returns the key associated with the given alias.
|
String[] |
getServerAliases (String keyType,
Principal[] issuers) |
Get the matching aliases for authenticating the server side of a secure
socket given the public key type and the list of
certificate issuer authorities recognized by the peer (if any).
|
String[] getClientAliases(String keyType, Principal[] issuers)
keyType
- the key algorithm type nameissuers
- the list of acceptable CA issuer subject names,
or null if it does not matter which issuers are used.String chooseClientAlias(String[] keyType, Principal[] issuers, Socket socket)
keyType
- the key algorithm type name(s), ordered
with the most-preferred key type first.issuers
- the list of acceptable CA issuer subject names
or null if it does not matter which issuers are used.socket
- the socket to be used for this connection. This
parameter can be null, which indicates that
implementations are free to select an alias applicable
to any socket.String[] getServerAliases(String keyType, Principal[] issuers)
keyType
- the key algorithm type nameissuers
- the list of acceptable CA issuer subject names
or null if it does not matter which issuers are used.String chooseServerAlias(String keyType, Principal[] issuers, Socket socket)
keyType
- the key algorithm type name.issuers
- the list of acceptable CA issuer subject names
or null if it does not matter which issuers are used.socket
- the socket to be used for this connection. This
parameter can be null, which indicates that
implementations are free to select an alias applicable
to any socket.X509Certificate[] getCertificateChain(String alias)
alias
- the alias namePrivateKey getPrivateKey(String alias)
alias
- the alias name Submit a bug or feature
For further API reference and developer documentation, see Java SE Documentation. That documentation contains more detailed, developer-targeted descriptions, with conceptual overviews, definitions of terms, workarounds, and working code examples.
Copyright © 1993, 2025, Oracle and/or its affiliates. All rights reserved. Use is subject to license terms. Also see the documentation redistribution policy.
Scripting on this page tracks web page traffic, but does not change the content in any way.