public
final
class
MAMCertificatePinningManager
extends Object| java.lang.Object | |
| ↳ | com.microsoft.intune.mam.client.app.MAMCertificatePinningManager |
Class Overview
The MAMCertificatePinningManager has methods to enable certificate pinning for apps, according to the Intune cert pinning configuration received from the MAM Service.
Summary
| Public Methods | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| static SSLContext |
getPinningSSLContext(String identity, URL url)
Get a SSLContext that can be used with a custom SSLSocketFactory implementation.
| ||||||||||
| static SSLSocketFactory |
getPinningSocketFactory(String identity, URL url)
Get a SSLSocketFactory used to configure HTTPS connection objects.
| ||||||||||
| static void |
validatePins(X509Certificate[] chain, String identity, URL url)
Validate the given chain using the pinning configuration for the given identity and URL.
| ||||||||||
|
[Expand]
Inherited Methods | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
From class
java.lang.Object
| |||||||||||
Public Methods
public static SSLContext getPinningSSLContext (String identity, URL url)
Get a SSLContext that can be used with a custom SSLSocketFactory implementation.
Parameters
| identity | The identity of the account using the connection. Pass null to use the current thread identity. |
|---|---|
| url | The URL to be connected, used to choose the correct pins. |
Returns
- a SSLContext instance configured for pinning.
Throws
| GeneralSecurityException | Thrown on failure to create the SSLContext. See Android docs for SSLContext.getInstance() and SSLContext.init() for more details. |
|---|
public static SSLSocketFactory getPinningSocketFactory (String identity, URL url)
Get a SSLSocketFactory used to configure HTTPS connection objects.
Parameters
| identity | The identity of the account using the connection. Pass null to use the current thread identity. |
|---|---|
| url | The URL to be connected, used to choose the correct pins. |
Returns
- a SSLSocketFactory instance configured for pinning.
Throws
| GeneralSecurityException | Thrown on failure to create the underlying SSLContext. See Android docs for SSLContext.getInstance() and SSLContext.init() for more details. |
|---|
public static void validatePins (X509Certificate[] chain, String identity, URL url)
Validate the given chain using the pinning configuration for the given identity and URL.
Parameters
| chain | The chain to validate. Note that the network stack validations should already have been performed. This method only does the additional pinning validation. |
|---|---|
| identity | The identity of the account using the connection. Pass null to use the current thread identity. |
| url | The URL to be connected, used to choose the correct pins. |
Throws
| CertificateException | thrown if chain is not valid. |
|---|