Class SslClientAuth
-
- All Implemented Interfaces:
public class SslClientAuth
This class is meant to be used with the okhttp3.OkHttpClient. It creates an SSLSocketFactory and TrustManager with client certificate handling. Example usage:
// Creating an OKHttpClient that handles certificate challenges with certificates from the system. SslClientAuth sslClientAuth = SslClientAuth.system(); OkHttpClient client = new OkHttpClient.Builder() .sslSocketFactory(sslClientAuth.getSslSocketFactory(), sslClientAuth.getTrustManager()) .build();
-
-
Field Summary
Fields Modifier and Type Field Description public final X509TrustManager
trustManager
-
Constructor Summary
Constructors Constructor Description SslClientAuth(CertificateProvider certificateProvider)
Constructs a new SslClientAuth.
-
Method Summary
Modifier and Type Method Description X509TrustManager
getTrustManager()
SSLSocketFactory
getSslSocketFactory()
void
clear(@NonNull() String host, int port)
Clears the stored certificate preferences for the given host and port. void
clear()
Clears the stored certificate preferences. PrivateKey
getSessionPrivateKey(@NonNull() String host, int port)
Returns the private key used for the given host and port. Array<X509Certificate>
getSessionCertificate(@NonNull() String host, int port)
Returns the certificate chain used for the given host and port. static SslClientAuth
system()
static SslClientAuth
system(@Nullable() SystemCertificateProvider.AliasStore aliasStore)
-
-
Constructor Detail
-
SslClientAuth
SslClientAuth(CertificateProvider certificateProvider)
Constructs a new SslClientAuth.- Parameters:
certificateProvider
- The CertificateProvider that will be cleared when clear or clear is called.
-
-
Method Detail
-
getTrustManager
@NonNull() X509TrustManager getTrustManager()
- Returns:
The X509TrustManager.
-
getSslSocketFactory
@NonNull() SSLSocketFactory getSslSocketFactory()
- Returns:
The SSLSocketFactory.
-
clear
void clear(@NonNull() String host, int port)
Clears the stored certificate preferences for the given host and port. This will also call clear on the underlying CertificateProvider. The user may need to also call
okHttpClient.connectionPool().evictAll()
to get a new challenge.
-
clear
void clear()
Clears the stored certificate preferences. This will also call clear on the underlying CertificateProvider. The user may need to also call
okHttpClient.connectionPool().evictAll()
to get a new challenge.
-
getSessionPrivateKey
@Nullable() PrivateKey getSessionPrivateKey(@NonNull() String host, int port)
Returns the private key used for the given host and port. A network request to a certificate protected endpoint must be done first for a value to be available.
- Parameters:
host
- the hostport
- the port- Returns:
the private key
-
getSessionCertificate
@Nullable() Array<X509Certificate> getSessionCertificate(@NonNull() String host, int port)
Returns the certificate chain used for the given host and port. A network request to a certificate protected endpoint must be done first for a value to be available.
- Parameters:
host
- the hostport
- the port- Returns:
the certificate chain
-
system
@NonNull() static SslClientAuth system()
- Returns:
An instance configured with the SystemCertificateProvider.
-
system
@NonNull() static SslClientAuth system(@Nullable() SystemCertificateProvider.AliasStore aliasStore)
- Parameters:
aliasStore
- The alias store.- Returns:
An instance configured with the SystemCertificateProvider and SystemCertificateProvider.AliasStore for remembering the selection.
-
-
-
-