Class CompositeX509TrustManager

java.lang.Object

de.xima.fc.certificate.provider.internal.CompositeX509TrustManager

All Implemented Interfaces:

TrustManager, X509TrustManager

public class CompositeX509TrustManager
extends Object
implements X509TrustManager

Composite implementation of X509TrustManager that delegates trust checks to a list of underlying trust managers. A certificate chain is considered trusted if any of the provided trust managers accepts it.

This class is useful when you want to combine multiple trust sources, such as the default system trust store and a custom trust store.

Since:

04.06.25

Author:

tobias

Constructor Summary

Constructors

Constructor	Description
CompositeX509TrustManager(List<X509TrustManager> trustManagers)	Constructs a new CompositeX509TrustManager with the given list of trust managers.

Method Summary

Modifier and Type	Method	Description
void	checkClientTrusted(X509Certificate[] chain, String authType)	Checks whether the client certificate chain is trusted by any of the underlying trust managers.
void	checkServerTrusted(X509Certificate[] chain, String authType)	Checks whether the server certificate chain is trusted by any of the underlying trust managers.
X509Certificate[]	getAcceptedIssuers()	Returns the combined list of accepted issuers from all underlying trust managers.

Methods inherited from class Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

CompositeX509TrustManager

public CompositeX509TrustManager(List<X509TrustManager> trustManagers)

Constructs a new CompositeX509TrustManager with the given list of trust managers.

Parameters:

trustManagers - the list of X509TrustManagers to delegate to

Method Details

checkClientTrusted

public void checkClientTrusted(X509Certificate[] chain,
 String authType)
                        throws CertificateException

Checks whether the client certificate chain is trusted by any of the underlying trust managers.

Specified by:

checkClientTrusted in interface X509TrustManager

Parameters:

chain - the client certificate chain

authType - the authentication type based on the client certificate

Throws:

CertificateException - if none of the trust managers trusts the certificate chain

checkServerTrusted

public void checkServerTrusted(X509Certificate[] chain,
 String authType)
                        throws CertificateException

Checks whether the server certificate chain is trusted by any of the underlying trust managers.

Specified by:

checkServerTrusted in interface X509TrustManager

Parameters:

chain - the server certificate chain

authType - the key exchange algorithm used

Throws:

CertificateException - if none of the trust managers trusts the certificate chain

getAcceptedIssuers

public X509Certificate[] getAcceptedIssuers()

Returns the combined list of accepted issuers from all underlying trust managers.

Specified by:

getAcceptedIssuers in interface X509TrustManager

Returns:

an array of accepted X509Certificate issuers