/* This file is part of RouteConverter. RouteConverter is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. RouteConverter is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with RouteConverter; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Copyright (C) 2007 Christian Pesch. All Rights Reserved. */ package slash.navigation.rest.ssl; import javax.net.ssl.X509TrustManager; import java.security.cert.CertificateException; import java.security.cert.X509Certificate; /** * A {@link X509TrustManager} * <p> * Based on http://blog.novoj.net/2016/02/29/how-to-make-apache-httpclient-trust-lets-encrypt-certificate-authority/ * * @author Otec Fura */ class TrustManagerDelegate implements X509TrustManager { private final X509TrustManager mainTrustManager; private final X509TrustManager fallbackTrustManager; public TrustManagerDelegate(X509TrustManager mainTrustManager, X509TrustManager fallbackTrustManager) { this.mainTrustManager = mainTrustManager; this.fallbackTrustManager = fallbackTrustManager; } public void checkClientTrusted(X509Certificate[] x509Certificates, String authType) throws CertificateException { try { mainTrustManager.checkClientTrusted(x509Certificates, authType); } catch(CertificateException ignored) { fallbackTrustManager.checkClientTrusted(x509Certificates, authType); } } public void checkServerTrusted(X509Certificate[] x509Certificates, String authType) throws CertificateException { try { mainTrustManager.checkServerTrusted(x509Certificates, authType); } catch(CertificateException ignored) { fallbackTrustManager.checkServerTrusted(x509Certificates, authType); } } public X509Certificate[] getAcceptedIssuers() { return fallbackTrustManager.getAcceptedIssuers(); } }