 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
Java Forum / Security / April 2004Certificate Verification - guidelines requested
My java app gets an X509 certificate out of an XML signature, and I want to verify that the certificate is signed by any one of several trusted CAs. If we assume that all relevant CA certificates are stored in the "cacerts" file in the local JDK, what is a simple way of verifying that the original certificate is signed by one of these trusted CAs? Please outline the steps my code should perform. (I couldn't find any simple examples in the JDK documentation or on the web.) Thanks very much! Steve One procedure to achieve that is: - oX509Certificate.getIssuerDN().getName() (get the issuer Principal DN) - check if this DN exists in your cacerts keystore (enumerate the cacerts keystore and get the potential signer cert) and get the associated PublicKey issuerPBK - verify that DN's signature on your cert via oX509Certificate.verify(issuerPBK ...) - Mitch > My java app gets an X509 certificate out of an XML signature, and I > want to verify that the certificate is signed by any one of several [quoted text clipped - 10 lines] > > Steve > My java app gets an X509 certificate out of an XML signature, and I > want to verify that the certificate is signed by any one of several [quoted text clipped - 10 lines] > > Steve Hi, Have you looked at certpath API in JDK 1.4? Free MagazinesGet these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...
|
Reply to this Message
|
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.