Added in API level 17

X509TrustManagerExtensions


open class X509TrustManagerExtensions
kotlin.Any
   ↳ android.net.http.X509TrustManagerExtensions

X509TrustManager wrapper exposing Android-added features.

The checkServerTrusted method allows callers to perform additional verification of certificate chains after they have been successfully verified by the platform.

Summary

Public constructors

Constructs a new X509TrustManagerExtensions wrapper.

Public methods
open MutableList<X509Certificate!>!
checkServerTrusted(chain: Array<X509Certificate!>!, authType: String!, host: String!)

Verifies the given certificate chain.

open Boolean
isSameTrustConfiguration(hostname1: String!, hostname2: String!)

Returns true if the TrustManager uses the same trust configuration for the provided hostnames.

open Boolean

Checks whether a CA certificate is added by an user.

Public constructors

X509TrustManagerExtensions

Added in API level 17
X509TrustManagerExtensions(tm: X509TrustManager!)

Constructs a new X509TrustManagerExtensions wrapper.

Parameters
tm X509TrustManager!: A X509TrustManager as returned by TrustManagerFactory.getInstance();
Exceptions
java.lang.IllegalArgumentException If tm is an unsupported TrustManager type.

Public methods

checkServerTrusted

Added in API level 17
open fun checkServerTrusted(
    chain: Array<X509Certificate!>!,
    authType: String!,
    host: String!
): MutableList<X509Certificate!>!

Verifies the given certificate chain.

See X509TrustManager#checkServerTrusted(X509Certificate[], String) for a description of the chain and authType parameters. The final parameter, host, should be the hostname of the server.

Return
MutableList<X509Certificate!>! the properly ordered chain used for verification as a list of X509Certificates.
Exceptions
java.security.cert.CertificateException if the chain does not verify correctly.

isSameTrustConfiguration

Added in API level 28
open fun isSameTrustConfiguration(
    hostname1: String!,
    hostname2: String!
): Boolean

Returns true if the TrustManager uses the same trust configuration for the provided hostnames.

isUserAddedCertificate

Added in API level 21
open fun isUserAddedCertificate(cert: X509Certificate!): Boolean

Checks whether a CA certificate is added by an user.

Since X509TrustManager#checkServerTrusted may allow its parameter chain to chain up to user-added CA certificates, this method can be used to perform additional policies for user-added CA certificates.

Return
Boolean true to indicate that the certificate authority exists in the user added certificate store, false otherwise.