ice.ssl
Interface CertificateCallback

All Known Implementing Classes:

CertificateManager

public interface CertificateCallback

This interface is invoked everytime the SSL-layer needs feedback from the application or the application needs to be notified about errors etc. The application must supply an implementation of this interface, and register it in SSLSocket using the setCertificateCallback method.

See Also:

SSLSocket.setCertificateCallback(ice.ssl.CertificateCallback)

Method Summary

boolean	acceptCertificate(X509Certificate[] certs, SSLSocket socket) Method invoked when a certificate is received.
X509Certificate[]	selectName(X500Name[] names) This method is invoked everytime the SSL layer recieves a certificate request.
PrivateKey	supplyPrivateKey(X509Certificate cert) Given a client certificate, supply the private key that belongs to it

Method Detail

acceptCertificate

public boolean acceptCertificate(X509Certificate[] certs,
                                 SSLSocket socket)

Method invoked when a certificate is received. This method must decide if the certificate is to be accepted or not, and return the result. It is blocking the SSL transaction so if the certificate is refused by the user, no data will be transmited.

Returns:

false if the certificate is not accepted, true otherwise.

selectName

public X509Certificate[] selectName(X500Name[] names)

This method is invoked everytime the SSL layer recieves a certificate request. The names parameter is an array of the X500 Distinguished names of all the certificates the server accepts. This method returns a cerificate with the selected distiguished name or null if no client certificate should be supplied. Typical action would be to ask the user to select a certificate.

Returns:

the the selected certificate.

supplyPrivateKey

public PrivateKey supplyPrivateKey(X509Certificate cert)

Given a client certificate, supply the private key that belongs to it

Returns:

a private key of the given certificate.