Package org.apache.http.ssl
Interface TrustStrategy
public interface TrustStrategy
A strategy to establish trustworthiness of certificates without consulting the trust manager
configured in the actual SSL context. This interface can be used to override the standard
JSSE certificate verification process.
- Since:
- 4.4
-
Method Summary
Modifier and TypeMethodDescriptionboolean
isTrusted
(X509Certificate[] chain, String authType) Determines whether the certificate chain can be trusted without consulting the trust manager configured in the actual SSL context.
-
Method Details
-
isTrusted
Determines whether the certificate chain can be trusted without consulting the trust manager configured in the actual SSL context. This method can be used to override the standard JSSE certificate verification process.Please note that, if this method returns
false
, the trust manager configured in the actual SSL context can still clear the certificate as trusted.- Parameters:
chain
- the peer certificate chainauthType
- the authentication type based on the client certificate- Returns:
true
if the certificate can be trusted without verification by the trust manager,false
otherwise.- Throws:
CertificateException
- thrown if the certificate is not trusted or invalid.
-