This week's book giveaways are in the Java EE and JavaScript forums.
We're giving away four copies each of The Java EE 7 Tutorial Volume 1 or Volume 2(winners choice) and jQuery UI in Action and have the authors on-line!
See this thread and this one for details.
The moose likes Security and the fly likes which Java API should be used to validate server certificate Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of The Java EE 7 Tutorial Volume 1 or Volume 2 this week in the Java EE forum
or jQuery UI in Action in the JavaScript forum!
JavaRanch » Java Forums » Engineering » Security
Bookmark "which Java API should be used to validate server certificate" Watch "which Java API should be used to validate server certificate" New topic
Author

which Java API should be used to validate server certificate

Tanya Sawant
Greenhorn

Joined: Jun 10, 2012
Posts: 3
Hi,
I am a newbie to Java Security API's.
I want to validate server certificate using Java API's at client side.
after some goggling, i came across following API's that can help me to do this task
1) JSSE API - Java Secure Socket Extension
2) PKI API - Public key infrastructure API
3) java.security.cert package.

Can someone help me out regarding which package to use from the above ones ???
The kind of validations i would like to do are -
1) Hostname verification
2) Checking whether the certificate is signed by CA which client trusts
3) send a message using server's public key found from certificate to check whether server is able to decrypt as only valid server will have the private key to decrypt and encrypt that message.
4) Check whether certificate is expired or not
5) verify the signature on the certificate

Also please guide me what other validations should be done to ensure that i am talking to a valid server and not fake one. and how many validations from the above must be done?
 
jQuery in Action, 2nd edition
 
subject: which Java API should be used to validate server certificate