Hi guys,

I'm trying to build and validate a certificate path in Java 6.  I have
loaded in two certificates:  one is the certificate I'm trying to
validate, and the other is the certificate of the CA who has signed
it.

I threw these two certificates into an array and called
CertificateValidator.createCertificatePath(<cert array>) to generate a
path.  I then created a TrustAnchor object, passing in the CA's
certificate, and used this to create a new PKIXParameters object.
Finally, I create a CertPathValidator of the default type, and tried
to validate the path, along with the parameters object.

I get the following error:

java.security.cert.CertPathValidatorException: revocation status check
failed: no CRL found
at
sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:
139)
at
sun.security.provider.certpath.PKIXCertPathValidator.doValidate(PKIXCertPathValidator.java:
316)
at
sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(PKIXCertPathValidator.java:
178)
at
java.security.cert.CertPathValidator.validate(CertPathValidator.java:
250)

So I've acquired the CRL of the CA, and can load this into a X509CRL
object.  I'm now completely unsure how to use this object - at which
point in the process can I specify that this is the CRL to be examined
during the validation process?  I find the java.security.cert.*
documentation to be rather sparse at times, and could not find any
examples via Google.

Any help would be greatly appreciated.  Do not hesitate to ask for
more details :-)

Thanks,

Duncan Jones