public class

SslClientAuth

extends Object
java.lang.Object
   ↳ com.sap.cloud.mobile.foundation.authentication.SslClientAuth

Class Overview

This class is meant to be used with the OkHttpClient. It creates an SSLSocketFactory and TrustManager with client certificate handling.

Example usage:

 // Creating an OKHttpClient that handles certificate challenges with certificates from the system.
 SslClientAuth sslClientAuth = SslClientAuth.system();
 OkHttpClient client = new OkHttpClient.Builder()
    .sslSocketFactory(sslClientAuth.getSslSocketFactory(), sslClientAuth.getTrustManager())
    .build();
  

Summary

Public Constructors
SslClientAuth(CertificateProvider certificateProvider)
Constructs a new SslClientAuth.
Public Methods
void clear(String host, int port)
Clears the stored certificate preferences for the given host and port.
void clear()
Clears the stored certificate preferences.
X509Certificate[] getSessionCertificate(String host, int port)
Returns the certificate chain used for the given host and port.
PrivateKey getSessionPrivateKey(String host, int port)
Returns the private key used for the given host and port.
SSLSocketFactory getSslSocketFactory()
X509TrustManager getTrustManager()
static SslClientAuth system(SystemCertificateProvider.AliasStore aliasStore)
static SslClientAuth system()
[Expand]
Inherited Methods
From class java.lang.Object

Public Constructors

public SslClientAuth (CertificateProvider certificateProvider)

Constructs a new SslClientAuth.

Parameters
certificateProvider The CertificateProvider that will be cleared when clear() or clear(String, int) is called.

Public Methods

public void clear (String host, int port)

Clears the stored certificate preferences for the given host and port. This will also call clear on the underlying CertificateProvider. The user may need to also call okHttpClient.connectionPool().evictAll() to get a new challenge.

public void clear ()

Clears the stored certificate preferences. This will also call clear on the underlying CertificateProvider. The user may need to also call okHttpClient.connectionPool().evictAll() to get a new challenge.

public X509Certificate[] getSessionCertificate (String host, int port)

Returns the certificate chain used for the given host and port. A network request to a certificate protected endpoint must be done first for a value to be available.

Parameters
host the host
port the port
Returns
  • the certificate chain

public PrivateKey getSessionPrivateKey (String host, int port)

Returns the private key used for the given host and port. A network request to a certificate protected endpoint must be done first for a value to be available.

Parameters
host the host
port the port
Returns
  • the private key

public SSLSocketFactory getSslSocketFactory ()

Returns

public X509TrustManager getTrustManager ()

Returns

public static SslClientAuth system (SystemCertificateProvider.AliasStore aliasStore)

Parameters
aliasStore The alias store.
Returns

public static SslClientAuth system ()

Returns