Win a copy of Functional Reactive Programming this week in the Other Languages forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

X509Certificate Authentication

 
Tony Nguyen
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,
How do we perform the X509Certificate authentication in java? Say I have the sender certificate(which contains its public key), the singed data, and its signature. How do i verify this against the root trusted CA in cacerts to make sure that this certificate was actually given by a CA that we trusted?
Thanks for any advise/recommend.
Pen.
 
Mark Mescher
Ranch Hand
Posts: 34
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi, you need the SenderCert as x509certificateobject and the public key of the CA (or better the whole cert:-)). Than use the following:

senderCert.verify(cacert.getPublicKey());

This returns true if the sendercert is valid.
Bye
Mark
 
Tony Nguyen
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I did the verify against all certificate in cacerts file, but receive the error: Public key presented not for certificate signature eventhought my test sendercert was issued from Thawte and i did import thawte root in to cacerts as trustedcert.
Thanks for any advise.
 
Ilja Preuss
author
Sheriff
Posts: 14112
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Moving to Security...
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic