X509HostnameVerifier
public
interface
X509HostnameVerifier
implements
HostnameVerifier
org.apache.http.conn.ssl.X509HostnameVerifier
|
Known indirect subclasses
|
This interface was deprecated
in API level 22.
Please use URL.openConnection()
instead.
Please visit this webpage
for further details.
Interface for checking if a hostname matches the names stored inside the
server's X.509 certificate. Implements javax.net.ssl.HostnameVerifier, but
we don't actually use that interface. Instead we added some methods that
take String parameters (instead of javax.net.ssl.HostnameVerifier's
SSLSession). JUnit is a lot easier this way! :-)
We provide the HostnameVerifier.DEFAULT, HostnameVerifier.STRICT, and
HostnameVerifier.ALLOW_ALL implementations. But feel free to define
your own implementation!
Inspired by Sebastian Hauer's original StrictSSLProtocolSocketFactory in the
HttpClient "contrib" repository.
Summary
Public methods
verify
public abstract void verify (String host,
SSLSocket ssl)
Parameters |
host |
String |
ssl |
SSLSocket |
verify
public abstract void verify (String host,
X509Certificate cert)
Parameters |
host |
String |
cert |
X509Certificate |
verify
public abstract void verify (String host,
String[] cns,
String[] subjectAlts)
Checks to see if the supplied hostname matches any of the supplied CNs
or "DNS" Subject-Alts. Most implementations only look at the first CN,
and ignore any additional CNs. Most implementations do look at all of
the "DNS" Subject-Alts. The CNs or Subject-Alts may contain wildcards
according to RFC 2818.
Parameters |
host |
String : The hostname to verify. |
cns |
String : CN fields, in order, as extracted from the X.509
certificate. |
subjectAlts |
String : Subject-Alt fields of type 2 ("DNS"), as extracted
from the X.509 certificate. |
verify
public abstract boolean verify (String host,
SSLSession session)
Verify that the host name is an acceptable match with
the server's authentication scheme.
Parameters |
host |
String : the host name |
session |
SSLSession : SSLSession used on the connection to host |
Returns |
boolean |
true if the host name is acceptable |