Package com.unboundid.util.ssl
Class HostNameSSLSocketVerifier
- java.lang.Object
-
- com.unboundid.util.ssl.SSLSocketVerifier
-
- com.unboundid.util.ssl.HostNameSSLSocketVerifier
-
@NotMutable @ThreadSafety(level=COMPLETELY_THREADSAFE) public final class HostNameSSLSocketVerifier extends SSLSocketVerifier
This class provides an implementation of anSSLSocket
verifier that will verify that the presented server certificate includes the address to which the client intended to establish a connection. It will check the CN attribute of the certificate subject, as well as certain subjectAltName extensions, including dNSName, uniformResourceIdentifier, and iPAddress.
-
-
Constructor Summary
Constructors Constructor Description HostNameSSLSocketVerifier(boolean allowWildcards)
Creates a new instance of thisSSLSocket
verifier.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
verifySSLSocket(java.lang.String host, int port, javax.net.ssl.SSLSocket sslSocket)
Verifies that the providedSSLSocket
is acceptable and the connection should be allowed to remain established.
-
-
-
Constructor Detail
-
HostNameSSLSocketVerifier
public HostNameSSLSocketVerifier(boolean allowWildcards)
Creates a new instance of thisSSLSocket
verifier.- Parameters:
allowWildcards
- Indicates whether to allow wildcard certificates which contain an asterisk as the first component of a CN subject attribute or dNSName subjectAltName extension.
-
-
Method Detail
-
verifySSLSocket
public void verifySSLSocket(java.lang.String host, int port, javax.net.ssl.SSLSocket sslSocket) throws LDAPException
Verifies that the providedSSLSocket
is acceptable and the connection should be allowed to remain established.- Specified by:
verifySSLSocket
in classSSLSocketVerifier
- Parameters:
host
- The address to which the client intended the connection to be established.port
- The port to which the client intended the connection to be established.sslSocket
- TheSSLSocket
that should be verified.- Throws:
LDAPException
- If a problem is identified that should prevent the providedSSLSocket
from remaining established.
-
-