Package org.elasticsearch.common.ssl

Class DiagnosticTrustManager

java.lang.Object
javax.net.ssl.X509ExtendedTrustManager
org.elasticsearch.common.ssl.DiagnosticTrustManager
All Implemented Interfaces:
javax.net.ssl.TrustManager, javax.net.ssl.X509TrustManager
public final class DiagnosticTrustManager
extends javax.net.ssl.X509ExtendedTrustManager

  • Nested Class Summary

    Nested Classes
    Modifier and Type Class Description
    static interface  DiagnosticTrustManager.DiagnosticLogger
    This interface exists because the ssl-config library does not depend on log4j, however the whole purpose of this class is to log diagnostic messages, so it must be provided with a function by which it can do that.

  • Constructor Summary

    Constructors
    Constructor Description
    DiagnosticTrustManager​(javax.net.ssl.X509ExtendedTrustManager delegate, java.util.function.Supplier<java.lang.String> contextName, DiagnosticTrustManager.DiagnosticLogger logger)  

  • Method Summary

    Modifier and Type Method Description
    void checkClientTrusted​(java.security.cert.X509Certificate[] chain, java.lang.String authType)  
    void checkClientTrusted​(java.security.cert.X509Certificate[] chain, java.lang.String authType, java.net.Socket socket)  
    void checkClientTrusted​(java.security.cert.X509Certificate[] chain, java.lang.String authType, javax.net.ssl.SSLEngine engine)  
    void checkServerTrusted​(java.security.cert.X509Certificate[] chain, java.lang.String authType)  
    void checkServerTrusted​(java.security.cert.X509Certificate[] chain, java.lang.String authType, java.net.Socket socket)  
    void checkServerTrusted​(java.security.cert.X509Certificate[] chain, java.lang.String authType, javax.net.ssl.SSLEngine engine)  
    java.security.cert.X509Certificate[] getAcceptedIssuers()  

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Constructor Details

    • DiagnosticTrustManager

      public DiagnosticTrustManager​(javax.net.ssl.X509ExtendedTrustManager delegate, java.util.function.Supplier<java.lang.String> contextName, DiagnosticTrustManager.DiagnosticLogger logger)
      Parameters:
      contextName - The descriptive name of the context that this trust manager is operating in (e.g "xpack.security.http.ssl")
      logger - For uses that depend on log4j, it is recommended that this parameter be equivalent to LogManager.getLogger(DiagnosticTrustManager.class)::warn

  • Method Details

    • checkClientTrusted

      public void checkClientTrusted​(java.security.cert.X509Certificate[] chain, java.lang.String authType, java.net.Socket socket) throws java.security.cert.CertificateException
      Specified by:
      checkClientTrusted in class javax.net.ssl.X509ExtendedTrustManager
      Throws:
      java.security.cert.CertificateException

    • checkServerTrusted

      public void checkServerTrusted​(java.security.cert.X509Certificate[] chain, java.lang.String authType, java.net.Socket socket) throws java.security.cert.CertificateException
      Specified by:
      checkServerTrusted in class javax.net.ssl.X509ExtendedTrustManager
      Throws:
      java.security.cert.CertificateException

    • checkClientTrusted

      public void checkClientTrusted​(java.security.cert.X509Certificate[] chain, java.lang.String authType, javax.net.ssl.SSLEngine engine) throws java.security.cert.CertificateException
      Specified by:
      checkClientTrusted in class javax.net.ssl.X509ExtendedTrustManager
      Throws:
      java.security.cert.CertificateException

    • checkServerTrusted

      public void checkServerTrusted​(java.security.cert.X509Certificate[] chain, java.lang.String authType, javax.net.ssl.SSLEngine engine) throws java.security.cert.CertificateException
      Specified by:
      checkServerTrusted in class javax.net.ssl.X509ExtendedTrustManager
      Throws:
      java.security.cert.CertificateException

    • checkClientTrusted

      public void checkClientTrusted​(java.security.cert.X509Certificate[] chain, java.lang.String authType) throws java.security.cert.CertificateException
      Throws:
      java.security.cert.CertificateException

    • checkServerTrusted

      public void checkServerTrusted​(java.security.cert.X509Certificate[] chain, java.lang.String authType) throws java.security.cert.CertificateException
      Throws:
      java.security.cert.CertificateException

    • getAcceptedIssuers

      public java.security.cert.X509Certificate[] getAcceptedIssuers()