Module org.snmp4j

Interface TlsTmSecurityCallback<C extends Certificate>

    • Method Detail

      • getSecurityName

        OctetString getSecurityName​(C[] peerCertificateChain)
        Gets the tmSecurityName (see RFC 5953) from the certificate chain of the communication peer that needs to be authenticated.
        Parameters:
        peerCertificateChain - an array of Certificates with the peer's own certificate first followed by any CA authorities.
        Returns:
        the tmSecurityName as defined by RFC 5953.
      • isClientCertificateAccepted

        boolean isClientCertificateAccepted​(C peerEndCertificate)
                                     throws CertificateException
        Check if the supplied peer end certificate is accepted as client.
        Parameters:
        peerEndCertificate - a client Certificate instance to check acceptance for.
        Returns:
        true if the certificate is accepted, false otherwise, i.e. if verification could not performed, i.e. because it was not configured sufficiently.
        Throws:
        CertificateException - if the certificate is rejected.
      • isServerCertificateAccepted

        boolean isServerCertificateAccepted​(C[] peerCertificateChain)
                                     throws CertificateException
        Check if the supplied peer certificate chain is accepted as server.
        Parameters:
        peerCertificateChain - a server Certificate chain to check acceptance for.
        Returns:
        true if the certificate is accepted, false otherwise, i.e. if verification could not performed, i.e. because it was not configured sufficiently.
        Throws:
        CertificateException - if the certificate is rejected.
      • isAcceptedIssuer

        boolean isAcceptedIssuer​(C issuerCertificate)
                          throws CertificateException
        Check if the supplied issuer certificate is accepted as server.
        Parameters:
        issuerCertificate - an issuer Certificate instance to check acceptance for.
        Returns:
        true if the certificate is accepted, false otherwise, i.e. if verification could not performed, i.e. because it was not configured sufficiently.
        Throws:
        CertificateException - if the certificate is rejected.
      • getLocalCertificateAlias

        String getLocalCertificateAlias​(Address targetAddress)
        Gets the local certificate alias to be used for the supplied target address.
        Parameters:
        targetAddress - a target address or null if the default local certificate alias needs to be retrieved.
        Returns:
        the requested local certificate alias, if known. Otherwise null is returned which could cause a protocol violation if the local key store contains more than one certificate.