KeyManager Class

Custom implementation of an X509KeyManager. This class is required to support keystores with multiple SSL certificates. By default, the standard Java X509KeyManager and the SunX509 implementation will pick the first alias they find for which there is a private key and a key of the right type for the chosen cipher suite (typically RSA). Instead, this class relies on a map of hostnames and their corresponding IP addresses. When a new SSL request is made, it checks the incoming IP address and finds the corresponding hostname. Then, it tries to find an alias in the keystore that corresponds to the hostname.
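
A sketch of the selection logic described above, added here as an example and not taken from this class's source. The class name IpAliasKeyManager, the Map<InetAddress, String> type, the use of the hostname itself as the keystore alias, and returning null when nothing matches are all assumptions.

```java
import java.net.InetAddress;
import java.net.Socket;
import java.security.*;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Map;
import javax.net.ssl.X509ExtendedKeyManager;

// Added illustration: class name and map type parameters are assumptions.
public class IpAliasKeyManager extends X509ExtendedKeyManager {
    private final KeyStore keystore;
    private final char[] password;
    // Local IP the client connected to -> hostname, which doubles as the keystore alias.
    private final Map<InetAddress, String> hostByIp;

    public IpAliasKeyManager(KeyStore keystore, char[] password, Map<InetAddress, String> hostByIp) {
        this.keystore = keystore;
        this.password = password.clone();
        this.hostByIp = Map.copyOf(hostByIp);
    }

    @Override
    public String chooseServerAlias(String keyType, Principal[] issuers, Socket socket) {
        String host = hostByIp.get(socket.getLocalAddress());
        PrivateKey key = (host == null) ? null : getPrivateKey(host);
        // Assumption: no match returns null, so the handshake fails instead of serving another host's cert.
        return (key != null && key.getAlgorithm().equalsIgnoreCase(keyType)) ? host : null;
    }

    @Override
    public PrivateKey getPrivateKey(String alias) {
        try {
            Key key = keystore.getKey(alias, password);
            return (key instanceof PrivateKey) ? (PrivateKey) key : null;
        } catch (GeneralSecurityException e) { return null; }
    }

    @Override
    public X509Certificate[] getCertificateChain(String alias) {
        try {
            Certificate[] chain = keystore.getCertificateChain(alias);
            return chain == null ? null : Arrays.copyOf(chain, chain.length, X509Certificate[].class);
        } catch (KeyStoreException e) { return null; }
    }
    // Server-side sketch only: no alias listing and no client authentication.
    @Override public String[] getServerAliases(String keyType, Principal[] issuers) { return null; }
    @Override public String[] getClientAliases(String keyType, Principal[] issuers) { return null; }
    @Override public String chooseClientAlias(String[] keyTypes, Principal[] issuers, Socket socket) { return null; }
}
```

The inherited X509ExtendedKeyManager.chooseEngineServerAlias returns null by default, so this sketch only answers socket-based handshakes; an SSLEngine does not expose the local address used for the lookup.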

Constructors

public KeyManager( java.security.KeyStore keystore, char[] password, String alias )
public KeyManager( java.security.KeyStore keystore, char[] password, java.util.HashMap aliases )

Methods

chooseClientAlias( String[] keyTypes, java.security.Principal[] issuers, java.net.Socket socket ) returns String
chooseEngineClientAlias( String[] strings, java.security.Principal[] prncpls, javax.net.ssl.SSLEngine ssle ) returns String
chooseEngineServerAlias( String keyType, java.security.Principal[] issuers, javax.net.ssl.SSLEngine engine ) returns String
chooseServerAlias( String keyType, java.security.Principal[] issuers, java.net.Socket socket ) returns String
getCertificateChain( String alias ) returns java.security.cert.X509Certificate[]
getClientAliases( String keyType, java.security.Principal[] issuers ) returns String[]
getPrivateKey( String alias ) returns java.security.PrivateKey
getServerAliases( String keyType, java.security.Principal[] issuers ) returns String[]