if (tmStateReference.getCertifiedIdentity() != null) { OctetString fingerprint = tmStateReference.getCertifiedIdentity().getServerFingerprint(); if (isMatchingFingerprint(x509Certificates, fingerprint)) return;
@Override public void checkClientTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException { if ((tmStateReference != null) && (tmStateReference.getCertifiedIdentity() != null)) { OctetString fingerprint = tmStateReference.getCertifiedIdentity().getClientFingerprint(); if (isMatchingFingerprint(x509Certificates, fingerprint)) { return; } } TlsTmSecurityCallback<X509Certificate> callback = securityCallback; if (!useClientMode && (callback != null)) { if (callback.isClientCertificateAccepted(x509Certificates[0])) { if (logger.isInfoEnabled()) { logger.info("Client is trusted with certificate '"+x509Certificates[0]+"'"); } return; } } try { trustManager.checkClientTrusted(x509Certificates, s); } catch (CertificateException cex) { counterSupport.fireIncrementCounter(new CounterEvent(this, SnmpConstants.snmpTlstmSessionOpenErrors)); counterSupport.fireIncrementCounter(new CounterEvent(this, SnmpConstants.snmpTlstmSessionInvalidClientCertificates)); logger.warn("Client certificate validation failed for '"+x509Certificates[0]+"'"); throw cex; } }
public X509TrustManager create(X509TrustManager trustManager, boolean useClientMode, TransportStateReference tmStateReference) { return new TlsTrustManager(trustManager, useClientMode, tmStateReference); } }