
validation certificate against cacert

From Stone <phracek2@gmail.com>
Newsgroups comp.lang.java.programmer
Subject validation certificate against cacert
Date Thu, 15 Sep 2011 23:50:08 -0700 (PDT)
Message-ID <47a06322-6497-421f-9572-705ae5bcb367@d2g2000vbk.googlegroups.com> (permalink)


Dear programmers,

I would like to ask you if there is any way to compare a certificate
against the cacerts file.
I have already loaded the certificate in a keystore like this:

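      import java.io.*;
      import java.security.KeyStore;
      import java.security.cert.CertificateFactory;

      CertificateFactory cf = CertificateFactory.getInstance("X.509");
      // Build the path to the JRE trust store; replace() now covers the whole path
      String filename = (System.getProperty("java.home")
              + "/lib/security/cacerts").replace('/', File.separatorChar);
      System.out.println(filename);
      FileInputStream in = new FileInputStream(filename);
      BufferedInputStream bis = new BufferedInputStream(in);
      KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
      String pwd = "changeit";
      // Read through the buffered stream; the password only checks file integrity
      keystore.load(bis, pwd.toCharArray());
      bis.close();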

Is there any way to validate the certificate in a TrustManager?
My TrustManager is:
        System.out.println("Initialization of Trust Manager");
        trustManager = new TrustManager[] {
            new X509TrustManager()
            {
                //X509TrustManager sunJSSEX509TrustManager;
                public java.security.cert.X509Certificate[] getAcceptedIssuers() {
                    System.out.println("InitializeTrustManager: getAcceptedIssuers:");
                    //return sunJSSEX509TrustManager.getAcceptedIssuers();
                    // The interface contract requires a non-null (possibly empty) array
                    return new java.security.cert.X509Certificate[0];
                }

                // Only prints the chain; it never throws, so every client chain is accepted
                public void checkClientTrusted(
                        java.security.cert.X509Certificate[] certs, String authType)
                {
                    for (int j = 0; j < certs.length; j++)
                    {
                        System.out.println("initializeTrustmanager: checkClientTrusted:"
                                + certs[j] + " authTyp:" + authType);
                        System.out.println(" Subject DN: " + certs[j].getSubjectDN());
                        System.out.println(" Issuer DN: " + certs[j].getIssuerDN());
                        System.out.println(" Serial number: " + certs[j].getSerialNumber());
                    }
                }

                // Only prints the issuers; it never throws, so every server chain is accepted
                public void checkServerTrusted(
                        java.security.cert.X509Certificate[] certs, String authType)
                        throws java.security.cert.CertificateException {
                    for (int i = 0; i < certs.length; i++)
                    {
                        X509Certificate x509Certificate = certs[i];
                        System.out.println("InitializeTrustManager: checkServerTrusted:"
                                + x509Certificate.getIssuerX500Principal().getName()
                                + "AuthTyp:" + authType);
                        System.out.println("InitializeTrustManager: checkServerTrusted:"
                                + x509Certificate.getIssuerDN());
                    }
                }

                // Not part of javax.net.ssl.X509TrustManager; JSSE never calls this method
                public boolean isClientTrusted(X509Certificate[] arg0)
                        throws CertificateException
                {
                    System.out.println("InitializeTrustManager: isClientTrusted: ");
                    return true;
                }

                // Not part of javax.net.ssl.X509TrustManager; JSSE never calls this method
                public boolean isServerTrusted(X509Certificate[] arg0)
                        throws CertificateException
                {
                    for (int i = 0; i < arg0.length; i++)
                    {
                        System.out.println("InitializeTrustManager: isServerTrusted: "
                                + arg0[i].getIssuerDN());
                    }
                    //TODO
                    return true;
                }
            }
        };


Thank you in advance
Petr
