Package org.elasticsearch.common.ssl

Class SslDiagnostics

java.lang.Object
org.elasticsearch.common.ssl.SslDiagnostics
public class SslDiagnostics
extends java.lang.Object

  • Nested Class Summary

    Nested Classes
    Modifier and Type Class Description
    static class  SslDiagnostics.PeerType  

  • Constructor Summary

    Constructors
    Constructor Description
    SslDiagnostics()  

  • Method Summary

    Modifier and Type Method Description
    static org.elasticsearch.common.ssl.SslDiagnostics.IssuerTrust checkIssuerTrust​(java.util.Map<java.lang.String,​java.util.List<java.security.cert.X509Certificate>> trustedIssuers, java.security.cert.X509Certificate peerCert)  
    static java.util.List<java.lang.String> describeValidHostnames​(java.security.cert.X509Certificate certificate)  
    static java.lang.String getTrustDiagnosticFailure​(java.security.cert.X509Certificate[] chain, SslDiagnostics.PeerType peerType, javax.net.ssl.SSLSession session, java.lang.String contextName, java.util.Map<java.lang.String,​java.util.List<java.security.cert.X509Certificate>> trustedIssuers)  

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Constructor Details

    • SslDiagnostics

      public SslDiagnostics()

  • Method Details

    • describeValidHostnames

      public static java.util.List<java.lang.String> describeValidHostnames​(java.security.cert.X509Certificate certificate)

    • getTrustDiagnosticFailure

      public static java.lang.String getTrustDiagnosticFailure​(java.security.cert.X509Certificate[] chain, SslDiagnostics.PeerType peerType, javax.net.ssl.SSLSession session, java.lang.String contextName, @Nullable java.util.Map<java.lang.String,​java.util.List<java.security.cert.X509Certificate>> trustedIssuers)
      Parameters:
      contextName - The descriptive name of this SSL context (e.g. "xpack.security.transport.ssl")
      trustedIssuers - A Map of DN to Certificate, for the issuers that were trusted in the context in which this failure occurred (see X509TrustManager.getAcceptedIssuers())

    • checkIssuerTrust

      public static org.elasticsearch.common.ssl.SslDiagnostics.IssuerTrust checkIssuerTrust​(java.util.Map<java.lang.String,​java.util.List<java.security.cert.X509Certificate>> trustedIssuers, java.security.cert.X509Certificate peerCert)