Starting with Mantis, we have a second JSSE X509TrustManager that is implemented as a wrapper over CertPath. However, there is currently no way to pass comprehensive PKIX validation settings to the CertPath implementation.
In order to achieve that, we need to define a standard class implementing ManagerFactoryParameters that encapsulates CertPathParameters. This can then be used with the init(ManagerFactoryParameters) method in addition to the init(KeyStore) method on TrustManagerFactory for all CertPath based TrustManagers.