com.tibco.tibjms

Interface TibjmsSSLHostNameVerifier

public interface TibjmsSSLHostNameVerifier

Custom host name verifier. This interface can be used by applications when the host name in the certificate is only available at run time or should be calculated at run time.

The verifyHostName() method is only called after the host certificate is verified using trusted certificates.

If the custom verifier approves the name in the certificate it should not throw exceptions. If the name is not approved the JMSSecurityException must be thrown.

Method Summary

Modifier and Type	Method and Description
void	verifyHostName(java.lang.String connectedHostName, java.lang.String expectedHostName, java.lang.String certificateCommonName, java.security.cert.X509Certificate server_certificate) Called when the client needs to verify the certificate name.

Method Detail

verifyHostName

void verifyHostName(java.lang.String connectedHostName,
                    java.lang.String expectedHostName,
                    java.lang.String certificateCommonName,
                    java.security.cert.X509Certificate server_certificate)
             throws JMSSecurityException

Called when the client needs to verify the certificate name. Method must throw JMSSecurityException to signal the host name verification failure.

Parameters:

connectedHostName - an actual name of the host running the connected TLS server.

expectedHostName - the name set via TibjmsSSL.setExpectedHostName() method or set in the ConnectionFactory.

certificateCommonName - the value of CN field in the server certificate subject.

server_certificate - the server certificate.

Throws:

JMSSEcurityException - if host name verification fails, i.e. the name in the certificate is unknown or is not correct.

JMSSecurityException