// Check to see if we need to perform proper validation of\r
// the certificate chains.\r
TrustManager[] trustAllCerts = null;\r
- if (validateServerCertChain) {\r
if (truststoreFilename != null) {\r
System.setProperty(TRUST_STORE_PROPERTY, truststoreFilename);\r
} else {\r
throw new IllegalArgumentException("Trust store filename must be set!");\r
}\r
\r
- } else {\r
-\r
- // We aren't validating certificates, so create a trust manager that does\r
- // not validate certificate chains.\r
- trustAllCerts = new TrustManager[] {new X509TrustManager() {\r
- public X509Certificate[] getAcceptedIssuers() {\r
- return null;\r
- }\r
-\r
- public void checkClientTrusted(X509Certificate[] certs, String authType) {}\r
-\r
- public void checkServerTrusted(X509Certificate[] certs, String authType) {}\r
- }};\r
- }\r
-\r
// Set up the SSL context, keystore, etc. to use for our connection\r
// to the AAI.\r
SSLContext ctx = SSLContext.getInstance(sslProtocol);\r