Lines Matching refs:certificates
67 // PEM files for root certificates of Comodo and Entrust. These two CAs are sufficient to view
141 * Returns a SSL context that trusts {@code certificates} and none other. HTTPS services whose
142 * certificates have not been signed by these certificates will fail with a {@code
145 * <p>This can be used to replace the host platform's built-in trusted certificates with a custom
146 * set. This is useful in development where certificate authority-trusted certificates aren't
149 * <p>See also {@link CertificatePinner}, which can limit trusted certificates while still using
153 * Relying on your own trusted certificates limits your server team's ability to update their TLS
154 * certificates. By installing a specific set of trusted certificates, you take on additional
156 * not use custom trusted certificates in production without the blessing of your server's TLS
162 Collection<? extends Certificate> certificates = certificateFactory.generateCertificates(in);
163 if (certificates.isEmpty()) {
164 throw new IllegalArgumentException("expected non-empty set of trusted certificates");
167 // Put the certificates a key store.
171 for (Certificate certificate : certificates) {