Package com.unboundid.util.ssl
This package contains classes that may be used to help create SSL/TLS
contexts and socket factories, which may be used in the process of creating
secure connections, or for securing existing connections using StartTLS.
-
Class Summary Class Description AggregateTrustManager This class provides an SSL trust manager that has the ability to delegate the determination about whether to trust a given certificate to one or more other trust managers.HostNameSSLSocketVerifier This class provides an implementation of anSSLSocket
verifier that will verify that the presented server certificate includes the address to which the client intended to establish a connection.HostNameTrustManager This class provides an SSL trust manager that will only accept certificates whose hostname (as contained in the CN subject attribute or a subjectAltName extension) matches an expected value.JVMDefaultTrustManager This class provides an implementation of a trust manager that relies on the JVM's default set of trusted issuers.KeyStoreKeyManager This class provides an SSL key manager that may be used to retrieve certificates from a key store file.PKCS11KeyManager This class provides an SSL key manager that may be used to retrieve certificates from a PKCS#11 token.PromptTrustManager This class provides an SSL trust manager that will interactively prompt the user to determine whether to trust any certificate that is presented to it.SSLSocketVerifier This class defines an API that will be invoked immediately after establishing a connection usingSSLSocket
(whether by establishing a connection that is initially secure or by wrapping an existing insecure connection in anSSLSocket
).SSLUtil This class provides a simple interface for creatingSSLContext
andSSLSocketFactory
instances, which may be used to create SSL-based connections, or secure existing connections with StartTLS.TLSCipherSuiteComparator This class provides a comparator that may be used to order TLS cipher suites from most-preferred to least-preferred.TLSCipherSuiteSelector This class provides a utility for selecting the cipher suites that should be supported for TLS communication.TrustAllSSLSocketVerifier This class provides an implementation of anSSLSocket
verifier that will blindly accept anySSLSocket
.TrustAllTrustManager This class provides an SSL trust manager which will blindly trust any certificate that is presented to it, although it may optionally reject certificates that are expired or not yet valid.TrustStoreTrustManager This class provides an SSL trust manager that will consult a specified trust store file to determine whether to trust a certificate that is presented to it.ValidityDateTrustManager This class provides an SSL trust manager that merely checks to see whether a presented certificate is currently within its validity time window (i.e., the current time is not earlier than the certificate's notBefore timestamp and not later than the certificate's notAfter timestamp).WrapperKeyManager This class provides an SSL key manager that may be used to wrap a provided set of key managers.