X509Certificate - Code Search

okhttp-tls/src/main/kotlin/okhttp3/tls/internal/InsecureExtendedTrustManager.kt

    chain: Array<out X509Certificate>,
    authType: String?,
  ) = throw CertificateException("Unsupported operation")

  override fun checkClientTrusted(
    chain: Array<out X509Certificate>,
    authType: String,
    engine: SSLEngine?,
  ) = throw CertificateException("Unsupported operation")

  override fun checkClientTrusted(
    chain: Array<out X509Certificate>,
    authType: String,
    socket: Socket?,

Created: Fri Apr 03 11:42:14 GMT 2026

- Last Modified: Thu Jul 31 04:18:40 GMT 2025

- 2.7K bytes

- Click Count (0)

github.com/square/okhttp

okhttp/src/commonJvmAndroid/kotlin/okhttp3/internal/tls/OkHostnameVerifier.kt

  ): Boolean =
    if (!host.isAscii()) {
      false
    } else {
      try {
        verify(host, session.peerCertificates[0] as X509Certificate)
      } catch (_: SSLException) {
        false
      }
    }

  fun verify(
    host: String,
    certificate: X509Certificate,
  ): Boolean =
    when {
      host.canParseAsIpAddress() -> verifyIpAddress(host, certificate)

Created: Fri Apr 03 11:42:14 GMT 2026

- Last Modified: Tue Jan 27 09:00:39 GMT 2026

- 7.6K bytes

- Click Count (0)

github.com/square/okhttp

okhttp-tls/src/main/kotlin/okhttp3/tls/HandshakeCertificates.kt

    }

  class Builder {
    private var heldCertificate: HeldCertificate? = null
    private var intermediates: Array<X509Certificate>? = null
    private val trustedCertificates = mutableListOf<X509Certificate>()
    private val insecureHosts = mutableListOf<String>()

    /**
     * Configure the certificate chain to use when being authenticated. The first certificate is

Created: Fri Apr 03 11:42:14 GMT 2026

- Last Modified: Sat May 10 11:15:14 GMT 2025

- 8.4K bytes

- Click Count (0)

github.com/square/okhttp

okhttp/src/androidMain/kotlin/okhttp3/internal/platform/AndroidPlatform.kt

      // private TrustAnchor findTrustAnchorByIssuerAndSignature(X509Certificate lastCert);
      val method =
        trustManager.javaClass.getDeclaredMethod(
          "findTrustAnchorByIssuerAndSignature",
          X509Certificate::class.java,
        )
      method.isAccessible = true
      CustomTrustRootIndex(trustManager, method)

Created: Fri Apr 03 11:42:14 GMT 2026

- Last Modified: Fri Oct 10 05:19:46 GMT 2025

- 6.5K bytes

- Click Count (0)

github.com/square/okhttp

okhttp/src/jvmTest/kotlin/okhttp3/InterceptorOverridesTest.kt

            x509Certificates: Array<X509Certificate>,
            s: String,
          ) {
          }

          override fun checkServerTrusted(
            x509Certificates: Array<X509Certificate>,
            s: String,
          ) {
          }

          override fun getAcceptedIssuers(): Array<X509Certificate> = arrayOf()
        }

Created: Fri Apr 03 11:42:14 GMT 2026

- Last Modified: Wed Mar 11 02:37:00 GMT 2026

- 28.8K bytes

- Click Count (0)

github.com/square/okhttp

okhttp/src/commonJvmAndroid/kotlin/okhttp3/Handshake.kt

 * limitations under the License.
 */
package okhttp3

import java.io.IOException
import java.security.Principal
import java.security.cert.Certificate
import java.security.cert.X509Certificate
import javax.net.ssl.SSLPeerUnverifiedException
import javax.net.ssl.SSLSession
import okhttp3.internal.toImmutableList

/**

Created: Fri Apr 03 11:42:14 GMT 2026

- Last Modified: Tue Jan 27 09:00:39 GMT 2026

- 6.6K bytes

- Click Count (1)

github.com/square/okhttp

android-test/src/androidDeviceTest/java/okhttp/android/test/OkHttpTest.kt

        override fun checkClientTrusted(
          chain: Array<out X509Certificate>?,
          authType: String?,
        ) {}

        override fun checkServerTrusted(
          chain: Array<out X509Certificate>?,
          authType: String?,
        ) {}

        override fun getAcceptedIssuers(): Array<X509Certificate> = arrayOf()
      }

    val sslContext =

Created: Fri Apr 03 11:42:14 GMT 2026

- Last Modified: Tue Jan 27 09:00:39 GMT 2026

- 29.9K bytes

- Click Count (0)

github.com/square/okhttp

okhttp/src/commonJvmAndroid/kotlin/okhttp3/CertificatePinner.kt

  ) = check(hostname) {
    (certificateChainCleaner?.clean(peerCertificates, hostname) ?: peerCertificates)
      .map { it as X509Certificate }
  }

  internal fun check(
    hostname: String,
    cleanedPeerCertificatesFn: () -> List<X509Certificate>,
  ) {
    val pins = findMatchingPins(hostname)
    if (pins.isEmpty()) return

    val peerCertificates = cleanedPeerCertificatesFn()

Created: Fri Apr 03 11:42:14 GMT 2026

- Last Modified: Tue Jan 27 09:00:39 GMT 2026

- 14.2K bytes

- Click Count (1)

github.com/square/okhttp

okhttp-testing-support/src/main/kotlin/okhttp3/FakeSSLSession.kt

import java.security.Principal
import java.security.cert.Certificate
import javax.net.ssl.SSLPeerUnverifiedException
import javax.net.ssl.SSLSession
import javax.net.ssl.SSLSessionContext
import javax.security.cert.X509Certificate

class FakeSSLSession(
  vararg val certificates: Certificate,
) : SSLSession {
  override fun getApplicationBufferSize(): Int = throw UnsupportedOperationException()

Created: Fri Apr 03 11:42:14 GMT 2026

- Last Modified: Tue Feb 03 22:17:59 GMT 2026

- 3.2K bytes

- Click Count (0)

github.com/square/okhttp

android-test/src/androidDeviceTest/java/okhttp/android/test/letsencrypt/LetsEncryptClientTest.kt

 * limitations under the License.
 */
package okhttp.android.test.letsencrypt

import android.os.Build
import assertk.assertThat
import assertk.assertions.isEqualTo
import java.security.cert.X509Certificate
import okhttp3.OkHttpClient
import okhttp3.Protocol
import okhttp3.Request
import okhttp3.tls.HandshakeCertificates
import okhttp3.tls.decodeCertificatePem
import org.junit.jupiter.api.Tag

Created: Fri Apr 03 11:42:14 GMT 2026

- Last Modified: Mon Jan 26 07:38:51 GMT 2026

- 4.4K bytes

- Click Count (0)

Search Options