Instance of this interface manage which X509 certificates may be used to authenticate the remote side of a secure socket. Decisions may be based on trusted certificate authorities, certificate revocation lists, online status checking or other means.
Public Method Summary
Return an array of certificate authority certificates which are trusted for authenticating peers.
public abstract void checkClientTrusted (X509Certificate chain, String authType)
Given the partial or complete certificate chain provided by the peer, build a certificate path to a trusted root and return if it can be validated and is trusted for client SSL authentication based on the authentication type.
The authentication type is determined by the actual certificate used. For instance, if RSAPublicKey is used, the authType should be "RSA". Checking is case-sensitive.
|chain||the peer certificate chain|
|authType||the authentication type based on the client certificate|