aspose file tools*
The moose likes Security and the fly likes X509Certificate Authentication Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of EJB 3 in Action this week in the EJB and other Java EE Technologies forum!
JavaRanch » Java Forums » Engineering » Security
Bookmark "X509Certificate Authentication" Watch "X509Certificate Authentication" New topic
Author

X509Certificate Authentication

Tony Nguyen
Greenhorn

Joined: Feb 07, 2005
Posts: 2
Hi,
How do we perform the X509Certificate authentication in java? Say I have the sender certificate(which contains its public key), the singed data, and its signature. How do i verify this against the root trusted CA in cacerts to make sure that this certificate was actually given by a CA that we trusted?
Thanks for any advise/recommend.
Pen.
Mark Mescher
Ranch Hand

Joined: Oct 25, 2004
Posts: 34
Hi, you need the SenderCert as x509certificateobject and the public key of the CA (or better the whole cert:-)). Than use the following:

senderCert.verify(cacert.getPublicKey());

This returns true if the sendercert is valid.
Bye
Mark
Tony Nguyen
Greenhorn

Joined: Feb 07, 2005
Posts: 2
I did the verify against all certificate in cacerts file, but receive the error: Public key presented not for certificate signature eventhought my test sendercert was issued from Thawte and i did import thawte root in to cacerts as trustedcert.
Thanks for any advise.
Ilja Preuss
author
Sheriff

Joined: Jul 11, 2001
Posts: 14112
Moving to Security...


The soul is dyed the color of its thoughts. Think only on those things that are in line with your principles and can bear the light of day. The content of your character is your choice. Day by day, what you do is who you become. Your integrity is your destiny - it is the light that guides your way. - Heraclitus
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: X509Certificate Authentication
 
Similar Threads
How to sign a certificate?
as of release 5, 'enum' is a keyword...
Certificate Trust
No trusted certificate found : when opeing a ssl connection from behind the proxy.