A
trustManagerFactory is responsible for creating
TRustManager objects for a specific trust
management algorithm. Obtain a trustManagerFactory
object by calling one of the getInstance( )
methods and specifying the desired algorithm and, optionally, the
desired provider. In Java 1.4, the
"SunX509" algorithm is the only one
supported by the default "SunJSSE"
provider. After calling getInstance( ), you
initialize the factory object with init( ). For
the "SunX509" algorithm, you pass a
KeyStore object to init( ).
This KeyStore should contain the public keys of
trusted CAs (certification authorities). Once a
trustManagerFactory has been created and
initialized, use it to create a TRustManager by
calling gettrustManagers( ). This method returns
an array of trustManager objects because some
trust management algorithms may handle more than one type of key or
certificate. The "SunX509"
algorithm manages only X.509 keys, and always returns an array with
an X509trustManager object as its single element.
This returned array is typically passed to the init(
) method of an SSLContext object.
If no KeyStore is passed to the init(
) method of the TRustManagerFactory for
the "SunX509" algorithm, then the
factory uses a KeyStore created from the file
named by the system property
javax.net.ssl.trustStore if that property is
defined. (It also uses the key store type and password specified by
the properties javax.net.ssl.trustStoreType and
javax.net.ssl.trustStorePassword.) Otherwise, it
uses the file
jre/lib/security/jssecacerts in
the Java distribution, if it exists. Otherwise it uses the file
jre/lib/security/cacerts which is part of
Sun's Java distribution. Sun ships a default
cacerts file that contains certificates for
several well-known and reputable CAs. You can use the
keytool program to edit the
cacerts keystore (the default password is
"changeit").
public class
TrustManagerFactory {
// Protected Constructors
protected
TrustManagerFactory (TrustManagerFactorySpi
factorySpi , java.security.
Provider
provider , String
algorithm );
// Public Class Methods
public static final String
getDefaultAlgorithm ( );
public static final TrustManagerFactory
getInstance (String
algorithm )
throws java.security.NoSuchAlgorithmException;
public static final TrustManagerFactory
getInstance (String
algorithm ,
java.security.Provider
provider )
throws java.security.NoSuchAlgorithmException;
public static final TrustManagerFactory
getInstance (String
algorithm ,
String
provider ) throws java.security.NoSuchAlgorithmException,
java.security.NoSuchProviderException;
// Public Instance Methods
public final String
getAlgorithm ( );
public final java.security.Provider
getProvider ( );
public final TrustManager[ ]
getTrustManagers ( );
public final void
init (ManagerFactoryParameters
spec )
throws java.security.InvalidAlgorithmParameterException;
public final void
init (java.security.KeyStore
ks )
throws java.security.KeyStoreException;
}