ConfluentTrustManager (ce-broker-plugins 7.4.4-ce API)

java.lang.Object
- javax.net.ssl.X509ExtendedTrustManager
- - io.confluent.kafka.server.plugins.ssl.ConfluentTrustManager

All Implemented Interfaces:

TrustManager, X509TrustManager
```
public class ConfluentTrustManager
extends X509ExtendedTrustManager
```
A trust manager that verifies that the client & server certificate presented during clientAuth belongs to confluent cloud and then delegates to the defaultTrustManager for general certificate chain validation. It first verifies that the subjectAltName and if missing it verifies the subject belongs to confluent cloud.

Constructor Summary

Constructors
Constructor and Description

ConfluentTrustManager(Map<String,?> configs, X509ExtendedTrustManager defaultTrustManager)

Constructors
Constructor and Description
`ConfluentTrustManager(Map<String,?> configs, X509ExtendedTrustManager defaultTrustManager)`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`void`	`checkClientTrusted(X509Certificate[] x509Certificates, String authType)`
`void`	`checkClientTrusted(X509Certificate[] x509Certificates, String authType, Socket socket)`
`void`	`checkClientTrusted(X509Certificate[] x509Certificates, String authType, SSLEngine sslEngine)`
`void`	`checkServerTrusted(X509Certificate[] x509Certificates, String authType)`
`void`	`checkServerTrusted(X509Certificate[] x509Certificates, String authType, Socket socket)`
`void`	`checkServerTrusted(X509Certificate[] x509Certificates, String authType, SSLEngine sslEngine)`
`X509Certificate[]`	`getAcceptedIssuers()`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

ConfluentTrustManager

public ConfluentTrustManager(Map<String,?> configs,
                             X509ExtendedTrustManager defaultTrustManager)

Method Detail

checkClientTrusted

public void checkClientTrusted(X509Certificate[] x509Certificates,
                               String authType,
                               Socket socket)
                        throws CertificateException

Specified by:: checkClientTrusted in class X509ExtendedTrustManager
Throws:: CertificateException

checkServerTrusted

public void checkServerTrusted(X509Certificate[] x509Certificates,
                               String authType,
                               Socket socket)
                        throws CertificateException

Specified by:: checkServerTrusted in class X509ExtendedTrustManager
Throws:: CertificateException

checkClientTrusted

public void checkClientTrusted(X509Certificate[] x509Certificates,
                               String authType,
                               SSLEngine sslEngine)
                        throws CertificateException

Specified by:: checkClientTrusted in class X509ExtendedTrustManager
Throws:: CertificateException

checkServerTrusted

public void checkServerTrusted(X509Certificate[] x509Certificates,
                               String authType,
                               SSLEngine sslEngine)
                        throws CertificateException

Specified by:: checkServerTrusted in class X509ExtendedTrustManager
Throws:: CertificateException

checkClientTrusted

public void checkClientTrusted(X509Certificate[] x509Certificates,
                               String authType)
                        throws CertificateException

Throws:: CertificateException

checkServerTrusted

public void checkServerTrusted(X509Certificate[] x509Certificates,
                               String authType)
                        throws CertificateException

Throws:: CertificateException

getAcceptedIssuers

public X509Certificate[] getAcceptedIssuers()

Class ConfluentTrustManager

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

ConfluentTrustManager

Method Detail

checkClientTrusted

checkServerTrusted

checkClientTrusted

checkServerTrusted

checkClientTrusted

checkServerTrusted

getAcceptedIssuers