class TrustManagerFactories
(source)
Trust manager factories for fingerprinting clients and servers.
static fun recordClientFingerprints(knownClientsFile: Path): TrustManagerFactory static fun recordClientFingerprints(repository: FingerprintRepository): TrustManagerFactory static fun recordClientFingerprints(knownClientsFile: Path, tmf: TrustManagerFactory): TrustManagerFactory static fun recordClientFingerprints(repository: FingerprintRepository, tmf: TrustManagerFactory): TrustManagerFactory
Accept all client certificates, recording certificate fingerprints for those that are not CA-signed. Excepting when a client presents a CA-signed certificate, the certificate fingerprint will be written to Important: this provides no security as it is vulnerable to man-in-the-middle attacks. static fun recordClientFingerprints(knownClientsFile: Path, skipCASigned: Boolean): TrustManagerFactory static fun recordClientFingerprints(repository: FingerprintRepository, skipCASigned: Boolean): TrustManagerFactory
Accept all client certificates, recording certificate fingerprints. For all connections, the fingerprint of the presented certificate will be written to Important: this provides no security as it is vulnerable to man-in-the-middle attacks. |
|
static fun recordServerFingerprints(knownServersFile: Path): TrustManagerFactory static fun recordServerFingerprints(repository: FingerprintRepository): TrustManagerFactory static fun recordServerFingerprints(knownServersFile: Path, tmf: TrustManagerFactory): TrustManagerFactory static fun recordServerFingerprints(repository: FingerprintRepository, tmf: TrustManagerFactory): TrustManagerFactory
Accept all server certificates, recording certificate fingerprints for those that are not CA-signed. Excepting when a server presents a CA-signed certificate, the server host+port and the certificate fingerprint will be written to Important: this provides no security as it is vulnerable to man-in-the-middle attacks. static fun recordServerFingerprints(knownServersFile: Path, skipCASigned: Boolean): TrustManagerFactory static fun recordServerFingerprints(repository: FingerprintRepository, skipCASigned: Boolean): TrustManagerFactory
Accept all server certificates, recording certificate fingerprints. For all connections, the server host+port and the fingerprint of the presented certificate will be written to Important: this provides no security as it is vulnerable to man-in-the-middle attacks. |
|
static fun trustClientOnFirstAccess(knownClientsFile: Path): TrustManagerFactory static fun trustClientOnFirstAccess(repository: FingerprintRepository): TrustManagerFactory
Accept CA-signed client certificates, and otherwise trust client certificates on first access. Except when a client presents a CA-signed certificate, on first connection to this server the common name and fingerprint of the presented certificate will be recorded. On subsequent connections, the client will be rejected if the fingerprint has changed. Note: unlike the seemingly equivalent static fun trustClientOnFirstAccess(knownClientsFile: Path, acceptCASigned: Boolean): TrustManagerFactory static fun trustClientOnFirstAccess(repository: FingerprintRepository, acceptCASigned: Boolean): TrustManagerFactory
Trust client certificates on first access. on first connection to this server the common name and fingerprint of the presented certificate will be recorded. On subsequent connections, the client will be rejected if the fingerprint has changed. Note: unlike the seemingly equivalent static fun trustClientOnFirstAccess(knownClientsFile: Path, tmf: TrustManagerFactory): TrustManagerFactory static fun trustClientOnFirstAccess(repository: FingerprintRepository, tmf: TrustManagerFactory): TrustManagerFactory
Accept CA-signed certificates, and otherwise trust client certificates on first access. Except when a client presents a CA-signed certificate, on first connection to this server the common name and fingerprint of the presented certificate will be recorded. On subsequent connections, the client will be rejected if the fingerprint has changed. Note: unlike the seemingly equivalent |
|
static fun trustServerOnFirstUse(knownServersFile: Path): TrustManagerFactory static fun trustServerOnFirstUse(repository: FingerprintRepository): TrustManagerFactory static fun trustServerOnFirstUse(knownServersFile: Path, tmf: TrustManagerFactory): TrustManagerFactory static fun trustServerOnFirstUse(repository: FingerprintRepository, tmf: TrustManagerFactory): TrustManagerFactory
Accept CA-signed certificates, and otherwise trust server certificates on first use. Except when a server presents a CA-signed certificate, on first connection to a server (identified by host+port) the fingerprint of the presented certificate will be recorded in static fun trustServerOnFirstUse(knownServersFile: Path, acceptCASigned: Boolean): TrustManagerFactory static fun trustServerOnFirstUse(repository: FingerprintRepository, acceptCASigned: Boolean): TrustManagerFactory
Trust server certificates on first use. On first connection to a server (identified by host+port) the fingerprint of the presented certificate will be recorded in |
|
static fun whitelistClients(knownClientsFile: Path): TrustManagerFactory static fun whitelistClients(repository: FingerprintRepository): TrustManagerFactory static fun whitelistClients(knownClientsFile: Path, tmf: TrustManagerFactory): TrustManagerFactory static fun whitelistClients(repository: FingerprintRepository, tmf: TrustManagerFactory): TrustManagerFactory
Require servers to present known certificates, or CA-signed certificates. If a certificate is not CA-signed, then its fingerprint must be present in the static fun whitelistClients(knownClientsFile: Path, acceptCASigned: Boolean): TrustManagerFactory static fun whitelistClients(repository: FingerprintRepository, acceptCASigned: Boolean): TrustManagerFactory
Require clients to present known certificates. The fingerprint for a client certificate must be present in |
|
static fun whitelistServers(knownServersFile: Path): TrustManagerFactory static fun whitelistServers(repository: FingerprintRepository): TrustManagerFactory static fun whitelistServers(knownServersFile: Path, tmf: TrustManagerFactory): TrustManagerFactory static fun whitelistServers(repository: FingerprintRepository, tmf: TrustManagerFactory): TrustManagerFactory
Require servers to present known certificates, or CA-signed certificates. If a certificate is not CA-signed, then its fingerprint must be present in the static fun whitelistServers(knownServersFile: Path, acceptCASigned: Boolean): TrustManagerFactory static fun whitelistServers(repository: FingerprintRepository, acceptCASigned: Boolean): TrustManagerFactory
Require servers to present known certificates. The fingerprint for a server certificate must be present in the |