Class KeyStoreTrustManager

  • All Implemented Interfaces:
    HostnameVerifier, TrustManager, X509TrustManager

    public class KeyStoreTrustManager
    extends Object
    implements X509TrustManager, HostnameVerifier

    This class makes working with SSL connections easier, by prompting the user when an invalid certificate is encountered. The user will be given the option of refuting or accepting the certificate, including the option of adding the certificate to the PDF keystore.

    Due to the way SSL is implemented in Java, in order to actually use this class it needs to be installed statically. This can be done easily:

     PDFViewer viewer = newPDFViewer();   // Create it somehow

    This will install an instance of this object as the default X509TrustManager for any SSL connections made from Java. If an invalid certificate is encountered a dialog will be displayed relative to the PDFViewer object, and if the user chooses to accept the certificate permanently it will be added to the KeyStoreManager returned by PDFViewer.getKeyStoreManager()

    If you have more than one PDFViewer on the screen at once, or you don't want this class managing all SSL connections from the JVM, then you can create the object and use it as a trust manager only on the connections you need.