public abstract class X509ExtendedKeyManager extends Object implements X509KeyManager
Methods in this class should be overriden to provide actual implementations.
| Modifier | Constructor and Description | 
|---|---|
| protected  | X509ExtendedKeyManager()Constructor used by subclasses only. | 
| Modifier and Type | Method and Description | 
|---|---|
| String | chooseEngineClientAlias(String[] keyType,
                       Principal[] issuers,
                       SSLEngine engine)Choose an alias to authenticate the client side of an
  SSLEngineconnection given the public key type
 and the list of certificate issuer authorities recognized by
 the peer (if any). | 
| String | chooseEngineServerAlias(String keyType,
                       Principal[] issuers,
                       SSLEngine engine)Choose an alias to authenticate the server side of an
  SSLEngineconnection given the public key type
 and the list of certificate issuer authorities recognized by
 the peer (if any). | 
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitchooseClientAlias, chooseServerAlias, getCertificateChain, getClientAliases, getPrivateKey, getServerAliasesprotected X509ExtendedKeyManager()
public String chooseEngineClientAlias(String[] keyType, Principal[] issuers, SSLEngine engine)
SSLEngine connection given the public key type
 and the list of certificate issuer authorities recognized by
 the peer (if any).
 The default implementation returns null.
keyType - the key algorithm type name(s), ordered
          with the most-preferred key type first.issuers - the list of acceptable CA issuer subject names
          or null if it does not matter which issuers are used.engine - the SSLEngine to be used for this
          connection.  This parameter can be null, which indicates
          that implementations of this interface are free to
          select an alias applicable to any engine.public String chooseEngineServerAlias(String keyType, Principal[] issuers, SSLEngine engine)
SSLEngine connection given the public key type
 and the list of certificate issuer authorities recognized by
 the peer (if any).
 The default implementation returns null.
keyType - the key algorithm type name.issuers - the list of acceptable CA issuer subject names
          or null if it does not matter which issuers are used.engine - the SSLEngine to be used for this
          connection.  This parameter can be null, which indicates
          that implementations of this interface are free to
          select an alias applicable to any engine. Submit a bug or feature 
For further API reference and developer documentation, see Java SE Documentation. That documentation contains more detailed, developer-targeted descriptions, with conceptual overviews, definitions of terms, workarounds, and working code examples.
 Copyright © 1993, 2025, Oracle and/or its affiliates.  All rights reserved. Use is subject to license terms. Also see the documentation redistribution policy.