- 
- All Superinterfaces:
- KeyManager
 - All Known Implementing Classes:
- X509ExtendedKeyManager
 
 public interface X509KeyManager extends KeyManager Instances of this interface manage which X509 certificate-based key pairs are used to authenticate the local side of a secure socket.During secure socket negotiations, implementations call methods in this interface to: - determine the set of aliases that are available for negotiations based on the criteria presented,
- select the best alias based on the criteria presented, and
- obtain the corresponding key material for given aliases.
 Note: the X509ExtendedKeyManager should be used in favor of this class. - Since:
- 1.4
 
- 
- 
Method SummaryAll Methods Instance Methods Abstract Methods Modifier and Type Method Description StringchooseClientAlias(String[] keyType, Principal[] issuers, Socket socket)Choose an alias to authenticate the client side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any).StringchooseServerAlias(String keyType, Principal[] issuers, Socket socket)Choose an alias to authenticate the server side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any).X509Certificate[]getCertificateChain(String alias)Returns the certificate chain associated with the given alias.String[]getClientAliases(String keyType, Principal[] issuers)Get the matching aliases for authenticating the client side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any).PrivateKeygetPrivateKey(String alias)Returns the key associated with the given alias.String[]getServerAliases(String keyType, Principal[] issuers)Get the matching aliases for authenticating the server side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any).
 
- 
- 
- 
Method Detail- 
getClientAliasesString[] getClientAliases(String keyType, Principal[] issuers) Get the matching aliases for authenticating the client side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any).- Parameters:
- keyType- the key algorithm type name
- issuers- the list of acceptable CA issuer subject names, or null if it does not matter which issuers are used.
- Returns:
- an array of the matching alias names, or null if there were no matches.
 
 - 
chooseClientAliasString chooseClientAlias(String[] keyType, Principal[] issuers, Socket socket) Choose an alias to authenticate the client side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any).- Parameters:
- keyType- the key algorithm type name(s), ordered with the most-preferred key type first.
- issuers- the list of acceptable CA issuer subject names or null if it does not matter which issuers are used.
- socket- the socket to be used for this connection. This parameter can be null, which indicates that implementations are free to select an alias applicable to any socket.
- Returns:
- the alias name for the desired key, or null if there are no matches.
 
 - 
getServerAliasesString[] getServerAliases(String keyType, Principal[] issuers) Get the matching aliases for authenticating the server side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any).- Parameters:
- keyType- the key algorithm type name
- issuers- the list of acceptable CA issuer subject names or null if it does not matter which issuers are used.
- Returns:
- an array of the matching alias names, or null if there were no matches.
 
 - 
chooseServerAliasString chooseServerAlias(String keyType, Principal[] issuers, Socket socket) Choose an alias to authenticate the server side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any).- Parameters:
- keyType- the key algorithm type name.
- issuers- the list of acceptable CA issuer subject names or null if it does not matter which issuers are used.
- socket- the socket to be used for this connection. This parameter can be null, which indicates that implementations are free to select an alias applicable to any socket.
- Returns:
- the alias name for the desired key, or null if there are no matches.
 
 - 
getCertificateChainX509Certificate[] getCertificateChain(String alias) Returns the certificate chain associated with the given alias.- Parameters:
- alias- the alias name
- Returns:
- the certificate chain (ordered with the user's certificate first and the root certificate authority last), or null if the alias can't be found.
 
 - 
getPrivateKeyPrivateKey getPrivateKey(String alias) Returns the key associated with the given alias.- Parameters:
- alias- the alias name
- Returns:
- the requested key, or null if the alias can't be found.
 
 
- 
 
-