This package provides classes to interactively let the user accept or refuse invalid server certificates in a way similar to the behaviour of modern webbrowsers. Customizing the checking of server certificates is normally done in Java by implementing both a {@link java.net.HostnameVerifier} and a {@link javax.net.ssl.X509TrustManager}. The HostnameVerifier is responsible for matching the hostname of the server against the server, while the TrustManager does the different checks on the validity of the certificate chain. A HostnameVerifier implementation cannot do both, since its verify() method is only called when the hostname does not match. On the other a (X509)TrustManager implementation does not get the hostname of the server. Since we like the user to get only one prompt upon error, we extend {@link javax.net.ssl.HttpsURLConnection} into {@link nl.nikhef.slcshttps.trust.HttxURLConnection} which sets static hostname and port fields inside the {@link nl.nikhef.slcshttps.trust.TrustManagerImpl} class. Note that this means that HttxURLConnection is not thread-safe, but it is hard to implement this in any case, since the set of already accepted certificates should be global accross threads. All checks are now done using only the TrustManager which internally uses {@link nl.nikhef.slcshttps.trust.HostnameChecker} and {@link nl.nikhef.slcshttps.trust.CertChainChecker} for this. @see nl.nikhef.slcshttps @see http://www.nikhef.nl/pub/projects/grid/slcshttps/ @since 0.1