Path: csiph.com!x330-a1.tempe.blueboxinc.net!newsfeed.hal-mli.net!feeder3.hal-mli.net!news.glorb.com!postnews.google.com!d2g2000vbk.googlegroups.com!not-for-mail
From: Stone <phracek2@gmail.com>
Newsgroups: comp.lang.java.programmer
Subject: validation certificate agains cacert
Date: Thu, 15 Sep 2011 23:50:08 -0700 (PDT)
Organization: http://groups.google.com
Lines: 91
Message-ID: <47a06322-6497-421f-9572-705ae5bcb367@d2g2000vbk.googlegroups.com>
NNTP-Posting-Host: 62.134.46.4
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
X-Trace: posting.google.com 1316155890 20028 127.0.0.1 (16 Sep 2011 06:51:30 GMT)
X-Complaints-To: groups-abuse@google.com
NNTP-Posting-Date: Fri, 16 Sep 2011 06:51:30 +0000 (UTC)
Complaints-To: groups-abuse@google.com
Injection-Info: d2g2000vbk.googlegroups.com; posting-host=62.134.46.4; posting-account=IOeCfwoAAAA_VejOv6qSgFbw-0eHdS9A
User-Agent: G2/1.0
X-Google-Web-Client: true
X-Google-Header-Order: HUALESRCNK
X-HTTP-UserAgent: Mozilla/5.0 (Windows NT 5.1; rv:6.0.2) Gecko/20100101 Firefox/6.0.2,gzip(gfe)
Xref: x330-a1.tempe.blueboxinc.net comp.lang.java.programmer:8070

Dear programmers,

I would like to ask you if there is any way how to compare certificate
against cacerts file.
I have already loaded certificate in keystore like:

      CertificateFactory cf = CertificateFactory.getInstance("X.509");
      String filename = System.getProperty("java.home")+"/lib/security/
cacerts".replace('/', File.separatorChar);
      System.out.println(filename);
      FileInputStream in = new FileInputStream(filename);
      BufferedInputStream bis = new BufferedInputStream(in);
      KeyStore keystore =
KeyStore.getInstance(KeyStore.getDefaultType());
      String pwd = "changeit";
      keystore.load(in, pwd.toCharArray());

Is there any way how to validate certificate in TrustManager.
My TrustManager is:
        System.out.println("Initialization of Trust Manager");
        trustManager = new TrustManager[] {
            new X509TrustManager()
            {
                //X509TrustManager sunJSSEX509TrustManager;
                public java.security.cert.X509Certificate[]
getAcceptedIssuers()  {
                    System.out.println("InitializeTrustManager:
getAcceptedIssuers:");
                    //return
sunJSSEX509TrustManager.getAcceptedIssuers();
                    return null;
                }

                public void
checkClientTrusted( java.security.cert.X509Certificate[] certs, String
authType)
                {
                    for(int j=0;j<certs.length;j++)
                    {
                        System.out.println("initializeTrustmanager:
checkClientTrusted:" + certs[j] + " authTyp:" + authType);
                        System.out.println(" Subject DN:
"+certs[j].getSubjectDN());
                        System.out.println(" Issuer DN:
"+certs[j].getIssuerDN());
                        System.out.println(" Serial number:
"+certs[j].getSerialNumber());

                    }
                }

                public void checkServerTrusted
( java.security.cert.X509Certificate[] certs, String authType) throws
java.security.cert.CertificateException {
                    for(int i=0;i<certs.length;i++)
                    {
                        X509Certificate x509Certificate = certs[i];
                        System.out.println("InitializeTrustManager:
checkServerTrusted:" +
x509Certificate.getIssuerX500Principal().getName()+"AuthTyp:" +
authType);
                        System.out.println("InitializeTrustManager:
checkServerTrusted:" + x509Certificate.getIssuerDN());

                    }

                }
                public boolean isClientTrusted(X509Certificate[] arg0)
throws CertificateException
                {
                    System.out.println("InitializeTrustManager:
isClientTrusted: ");
                    return true;
                }
                public boolean isServerTrusted(X509Certificate[] arg0)
throws CertificateException
                {
                    for(int i=0;i<arg0.length;i++)
                    {
                        System.out.println("InitializeTrustManager:
isServerTrusted: "+ arg0[i].getIssuerDN());
                    }
                    //TODO
                    return true;
                }
            }
        };


Thank you in advance
Petr