Class JSSSocketFactory
- All Implemented Interfaces:
Serializable
,LDAPSocketFactory
,LDAPTLSSocketFactory
,org.mozilla.jss.ssl.SSLCertificateApprovalCallback
LDAPSocketFactory
interface.
By default, the factory uses "secmod.db", "key*.db" and "cert*.db"
databases in the current directory. If you need to override this default
setting, then you should use the constructor JSSSocketFactory(certdbDir)
.
- Version:
- 1.1
- See Also:
-
Nested Class Summary
Nested classes/interfaces inherited from interface org.mozilla.jss.ssl.SSLCertificateApprovalCallback
org.mozilla.jss.ssl.SSLCertificateApprovalCallback.ValidityItem, org.mozilla.jss.ssl.SSLCertificateApprovalCallback.ValidityStatus
-
Constructor Summary
ConstructorsConstructorDescriptionConstructs a newJSSSocketFactory
, initializing the JSS security system if it has not already been initialized.JSSSocketFactory
(String certdbDir) Constructs a newJSSSocketFactory
, initializing the JSS security system if it has not already been initialized. -
Method Summary
Modifier and TypeMethodDescriptionboolean
approve
(org.mozilla.jss.crypto.X509Certificate serverCert, org.mozilla.jss.ssl.SSLCertificateApprovalCallback.ValidityStatus status) The default implementation of the SSLCertificateApprovalCallback interface.static void
initialize
(String certdbDir) Initialize the JSS security subsystem.makeSocket
(String host, int port) Creates an SSL socketmakeSocket
(Socket s) Creates an SSL socket layered over an existing socket.
-
Constructor Details
-
JSSSocketFactory
Constructs a newJSSSocketFactory
, initializing the JSS security system if it has not already been initialized.The current directory is assumed to be the certificate database directory.
- Throws:
LDAPException
- on initialization error- See Also:
-
JSSSocketFactory
Constructs a newJSSSocketFactory
, initializing the JSS security system if it has not already been initialized.- Parameters:
certdbDir
- The full path, relative or absolute, of the certificate database directory- Throws:
LDAPException
- on initialization error
-
-
Method Details
-
initialize
Initialize the JSS security subsystem.This method allows you to override the current directory as the default certificate database directory. The directory is expected to contain
secmod.db
,key*.db
andcert*.db
files as the security module database, key database and certificate database respectively.The method may be called only once, before the first instance of
JSSSocketFactory
is created. When creating the first instance, the constructor will automatically initialize the JSS security subsystem using the defaults, unless it is already initialized.- Parameters:
certdbDir
- The full path, relative or absolute, of the certificate database directory.- Throws:
LDAPException
- on initialization error- See Also:
-
makeSocket
Creates an SSL socket- Specified by:
makeSocket
in interfaceLDAPSocketFactory
- Parameters:
host
- Host name or IP address of SSL serverport
- Port numbers of SSL server- Returns:
- A socket for an encrypted session
- Throws:
LDAPException
- on error creating socket- See Also:
-
approve
public boolean approve(org.mozilla.jss.crypto.X509Certificate serverCert, org.mozilla.jss.ssl.SSLCertificateApprovalCallback.ValidityStatus status) The default implementation of the SSLCertificateApprovalCallback interface.This default implementation always returns true. If you need to verify the server certificate validity, then you should override this method.
- Specified by:
approve
in interfaceorg.mozilla.jss.ssl.SSLCertificateApprovalCallback
- Parameters:
serverCert
- X509 Certificatestatus
- The validity of the server certificate- Returns:
true
, by default we trust the certificate
-
makeSocket
Creates an SSL socket layered over an existing socket. Used for the startTLS implementation (RFC2830).- Specified by:
makeSocket
in interfaceLDAPTLSSocketFactory
- Parameters:
s
- An existing non-SSL socket- Returns:
- A SSL socket layered over the input socket
- Throws:
LDAPException
- on error creating socket- Since:
- LDAPJDK 4.17
- See Also:
-