Package org.elasticsearch.common.ssl
Class DiagnosticTrustManager
java.lang.Object
javax.net.ssl.X509ExtendedTrustManager
org.elasticsearch.common.ssl.DiagnosticTrustManager
- All Implemented Interfaces:
javax.net.ssl.TrustManager,javax.net.ssl.X509TrustManager
public final class DiagnosticTrustManager
extends javax.net.ssl.X509ExtendedTrustManager
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static interfaceDiagnosticTrustManager.DiagnosticLoggerThis interface exists because the ssl-config library does not depend on log4j, however the whole purpose of this class is to log diagnostic messages, so it must be provided with a function by which it can do that. -
Constructor Summary
Constructors Constructor Description DiagnosticTrustManager(javax.net.ssl.X509ExtendedTrustManager delegate, java.util.function.Supplier<java.lang.String> contextName, DiagnosticTrustManager.DiagnosticLogger logger) -
Method Summary
Modifier and Type Method Description voidcheckClientTrusted(java.security.cert.X509Certificate[] chain, java.lang.String authType)voidcheckClientTrusted(java.security.cert.X509Certificate[] chain, java.lang.String authType, java.net.Socket socket)voidcheckClientTrusted(java.security.cert.X509Certificate[] chain, java.lang.String authType, javax.net.ssl.SSLEngine engine)voidcheckServerTrusted(java.security.cert.X509Certificate[] chain, java.lang.String authType)voidcheckServerTrusted(java.security.cert.X509Certificate[] chain, java.lang.String authType, java.net.Socket socket)voidcheckServerTrusted(java.security.cert.X509Certificate[] chain, java.lang.String authType, javax.net.ssl.SSLEngine engine)java.security.cert.X509Certificate[]getAcceptedIssuers()
-
Constructor Details
-
DiagnosticTrustManager
public DiagnosticTrustManager(javax.net.ssl.X509ExtendedTrustManager delegate, java.util.function.Supplier<java.lang.String> contextName, DiagnosticTrustManager.DiagnosticLogger logger)- Parameters:
contextName- The descriptive name of the context that this trust manager is operating in (e.g "xpack.security.http.ssl")logger- For uses that depend on log4j, it is recommended that this parameter be equivalent toLogManager.getLogger(DiagnosticTrustManager.class)::warn
-
-
Method Details
-
checkClientTrusted
public void checkClientTrusted(java.security.cert.X509Certificate[] chain, java.lang.String authType, java.net.Socket socket) throws java.security.cert.CertificateException- Specified by:
checkClientTrustedin classjavax.net.ssl.X509ExtendedTrustManager- Throws:
java.security.cert.CertificateException
-
checkServerTrusted
public void checkServerTrusted(java.security.cert.X509Certificate[] chain, java.lang.String authType, java.net.Socket socket) throws java.security.cert.CertificateException- Specified by:
checkServerTrustedin classjavax.net.ssl.X509ExtendedTrustManager- Throws:
java.security.cert.CertificateException
-
checkClientTrusted
public void checkClientTrusted(java.security.cert.X509Certificate[] chain, java.lang.String authType, javax.net.ssl.SSLEngine engine) throws java.security.cert.CertificateException- Specified by:
checkClientTrustedin classjavax.net.ssl.X509ExtendedTrustManager- Throws:
java.security.cert.CertificateException
-
checkServerTrusted
public void checkServerTrusted(java.security.cert.X509Certificate[] chain, java.lang.String authType, javax.net.ssl.SSLEngine engine) throws java.security.cert.CertificateException- Specified by:
checkServerTrustedin classjavax.net.ssl.X509ExtendedTrustManager- Throws:
java.security.cert.CertificateException
-
checkClientTrusted
public void checkClientTrusted(java.security.cert.X509Certificate[] chain, java.lang.String authType) throws java.security.cert.CertificateException- Throws:
java.security.cert.CertificateException
-
checkServerTrusted
public void checkServerTrusted(java.security.cert.X509Certificate[] chain, java.lang.String authType) throws java.security.cert.CertificateException- Throws:
java.security.cert.CertificateException
-
getAcceptedIssuers
public java.security.cert.X509Certificate[] getAcceptedIssuers()
-