You are currently viewing a snapshot of taken on April 21, 2008. Most of this content is highly out of date (some pages haven't been updated since the project began in 1998) and exists for historical purposes only. If there are any pages on this archive site that you think should be added back to, please file a bug.

Class TestCertApprovalCallback

  extended by org.mozilla.jss.ssl.TestCertApprovalCallback
All Implemented Interfaces:

public class TestCertApprovalCallback
extends java.lang.Object
implements SSLCertificateApprovalCallback

This is a test implementation of the certificate approval callback which gets invoked when the server presents a certificate which is not trusted by the client

Nested Class Summary
Nested classes/interfaces inherited from interface org.mozilla.jss.ssl.SSLCertificateApprovalCallback
SSLCertificateApprovalCallback.ValidityItem, SSLCertificateApprovalCallback.ValidityStatus
Constructor Summary
Method Summary
 boolean approve(X509Certificate servercert, SSLCertificateApprovalCallback.ValidityStatus status)
          This method is called when the server sends it's certificate to the client.
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail


public TestCertApprovalCallback()
Method Detail


public boolean approve(X509Certificate servercert,
                       SSLCertificateApprovalCallback.ValidityStatus status)
Description copied from interface: SSLCertificateApprovalCallback
This method is called when the server sends it's certificate to the client. The 'status' argument passed to this method is constructed by NSS. It's a list of things 'wrong' with the certificate (which you can see by calling the status.getReasons() method. So, if there are problems regarding validity or trust of any of the certificates in the chain, you can present this info to the user. If there are no items in the Enumeration returned by getReasons(), you can assume that the certificate is trustworthy, and return true, or you can continue to make further tests of your own to determine trustworthiness.

Specified by:
approve in interface SSLCertificateApprovalCallback
servercert - the peer's server certificate
status - the ValidityStatus object containing a list of all the problems with the cert
true allow the connection to continue
false terminate the connection (Expect an IOException on the outstanding read()/write() on the socket)