Package ghidra.net

Class ApplicationTrustManagerFactory

java.lang.Object
ghidra.net.ApplicationTrustManagerFactory
public class ApplicationTrustManagerFactory extends Object
ApplicationTrustManagerFactory provides the ability to establish acceptable certificate authorities to be used with SSL connections and PKI authentication.

The default behavior is for no trust authority to be established, in which case SSL peers will not be authenticated. If CA certificates have been set, all SSL connections which leverage this factory will perform peer authentication. If an error occurs while reading the CA certs file, all peer authentication will fail based upon the inability to choose a suitable client/server certificate.

The application X.509 CA certificates file may be in the standard form (*.pem, *.crt, *.cer, *.der) or may be in a Java JKS form (*.jks). The path to this file may be established in one of two ways using the absolute file path:

  1. setting the system property ghidra.cacerts (takes precedence)
  2. setting the user preference ghidra.cacerts

The application may choose to set the file path automatically based upon the presence of a cacerts file at a predetermined location.

  • Field Details

    • GHIDRA_CACERTS_PATH_PROPERTY

      public static final String GHIDRA_CACERTS_PATH_PROPERTY
      The X509 cacerts file to be used when authenticating remote certificates is identified by either a system property or user preference ghidra.cacerts. The system property takes precedence.
      See Also:

  • Method Details

    • hasCertificateAuthorities

      public static boolean hasCertificateAuthorities()
      Determine if certificate authorities are in place. If no certificate authorities have been specified via the "ghidra.cacerts" property, all certificates will be trusted.
      Returns:
      true if certificate authorities are in place, else false.