@FunctionalInterface public static interface SniX509ExtendedKeyManager.SniSelector
Selects a certificate based on SNI information.
Modifier and Type | Method and Description |
---|---|
String |
sniSelect(String keyType,
Principal[] issuers,
SSLSession session,
String sniHost,
Collection<X509> certificates)
Selects a certificate based on SNI information.
|
static final String DELEGATE
String sniSelect(String keyType, Principal[] issuers, SSLSession session, String sniHost, Collection<X509> certificates) throws SSLHandshakeException
Selects a certificate based on SNI information.
This method may be invoked multiple times during the TLS handshake, with different parameters.
For example, the keyType
could be different, and subsequently the collection of certificates
(because they need to match the keyType
.
keyType
- the key algorithm type nameissuers
- the list of acceptable CA issuer subject names or null if it does not matter which issuers are usedsession
- the TLS handshake session or null if not known.sniHost
- the server name indication sent by the client, or null if the client did not send the server name indicationcertificates
- the list of certificates matching keyType
and issuers
known to this SslContextFactorycertificates
list,
or DELEGATE
if the certificate choice should be delegated to the
nested key manager or null for no match.SSLHandshakeException
- if the TLS handshake should be abortedCopyright © 2010 - 2020 Adobe. All Rights Reserved