AliasedX509ExtendedKeyManager
public class AliasedX509ExtendedKeyManager
extends javax.net.ssl.X509ExtendedKeyManager
This class is a wrapper around an existing X509KeyManager that forces the use of a specific key alias during SSL/TLS handshake.
It is useful when a keystore contains multiple certificates, and you want to explicitly choose one (via keyAlias) instead of letting the system pick automatically.
Constructor:
public AliasedX509ExtendedKeyManager(String keyAlias, X509KeyManager keyManager) throws Exception
Parameters:
keyAlias: The specific alias to always use for selecting keys and certificates.
keyManager: The original X509KeyManager to delegate operations to.
Throws: Exception if the input parameters are invalid or alias-related issues occur.
Creates an instance of AliasedX509ExtendedKeyManager, which is a wrapper around an existing X509KeyManager.
Methods:
| chooseClientAlias(...) | Returns the fixed alias if it matches client criteria. Used during client-side SSL handshakes. |
| chooseServerAlias(...) | Returns the fixed alias if it matches server criteria. Used during server-side SSL handshakes. |
| getClientAliases(...) | Returns aliases from the underlying keyManager for client-side use. |
| getServerAliases(...) | Returns aliases from the underlying keyManager for server-side use. |
| getCertificateChain(String alias) | Returns the certificate chain for the provided alias, using the wrapped key manager. |
| getPrivateKey(String alias) | Returns the private key for the given alias from the wrapped key manager. |
| chooseEngineServerAlias(...) | Same as chooseServerAlias, but used in non-blocking SSL (SSLEngine). |
| chooseEngineClientAlias(...) | Same as chooseClientAlias, but used with SSLEngine. |
Methods inherited from class java.lang.Object |
|
| equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait | |
These engine methods override the corresponding methods in X509ExtendedKeyManager.
Start innovating with Mobius
What's next? Let's talk!