org.apache.http.conn.ssl.X509HostnameVerifier |
Known Indirect Subclasses
|
Class Overview
Interface for checking if a hostname matches the names stored inside the
server's X.509 certificate. This interface extends
HostnameVerifier
, but it is recommended to use
methods added by X509HostnameVerifier.
Summary
Public Methods |
abstract
void
|
verify(String host, X509Certificate cert)
Verifies that the host name is an acceptable match with the server's
authentication scheme based on the given X509Certificate .
|
abstract
void
|
verify(String host, SSLSocket ssl)
Verifies that the host name is an acceptable match with the server's
authentication scheme based on the given SSLSocket.
|
abstract
void
|
verify(String host, String[] cns, String[] subjectAlts)
Checks to see if the supplied hostname matches any of the supplied CNs
or "DNS" Subject-Alts.
|
Public Methods
Verifies that the host name is an acceptable match with the server's
authentication scheme based on the given X509Certificate
.
Parameters
host
| the host. |
cert
| the certificate. |
public
abstract
void
verify
(String host, SSLSocket ssl)
Verifies that the host name is an acceptable match with the server's
authentication scheme based on the given SSLSocket.
Parameters
host
| the host. |
ssl
| the SSL socket. |
Throws
IOException
| if an I/O error occurs or the verification process
fails.
|
public
abstract
void
verify
(String host, String[] cns, String[] subjectAlts)
Checks to see if the supplied hostname matches any of the supplied CNs
or "DNS" Subject-Alts. Most implementations only look at the first CN,
and ignore any additional CNs. Most implementations do look at all of
the "DNS" Subject-Alts. The CNs or Subject-Alts may contain wildcards
according to RFC 2818.
Parameters
host
| The hostname to verify. |
cns
| CN fields, in order, as extracted from the X.509
certificate. |
subjectAlts
| Subject-Alt fields of type 2 ("DNS"), as extracted
from the X.509 certificate. |