Interface PKIClientX509CertificateBindingVerifier<T>


  • public interface PKIClientX509CertificateBindingVerifier<T>
    Client X.509 certificate binding verifier. Intended for verifying that a client X.509 certificate submitted during successful PKI mutual TLS authentication (in tls_client_auth) matches one of the the registered values for the client. These can be: tls_client_auth_subject_dn, tls_client_auth_san_dns, tls_client_auth_san_uri, tls_client_auth_san_ip or tls_client_auth_san_email.

    Implementations must be tread-safe.