I have self-signed certificates and I have implemented a custom trust manager to check the validity of the client certificate. It throws an exception on handshake regarding an expired certificate. Is there a way to send a JSON response to the client?

    import java.security.GeneralSecurityException;
    import java.security.cert.CertificateException;
    import java.security.cert.X509Certificate;
    import javax.net.ssl.TrustManager;
    import javax.net.ssl.X509TrustManager;

    public TrustManager[] sslContextConfiguration() throws GeneralSecurityException
    {
        // Create our custom trust manager to validate the certificates
        TrustManager[] trustManager = new TrustManager[]
        {
            new X509TrustManager()
            {
                // No issuers are advertised to the peer
                @Override
                public X509Certificate[] getAcceptedIssuers()
                {
                    return new X509Certificate[]{};
                }

                /**
                 * This method checks the validity of the certificates presented by clients.
                 * This will be used when Embedded SW will be a server to external software.
                 *
                 * @param certs array of certificates
                 * @param authType authentication type
                 */
                @Override
                public void checkClientTrusted(X509Certificate[] certs, String authType)
                        throws CertificateException
                {
                    checkCertificateValidity(certs);
                }

                /**
                 * This method checks the validity of the certificates presented by the server.
                 * This will be used when Embedded SW will be a client to the remote services.
                 *
                 * @param certs array of certificates
                 * @param authType authentication type
                 */
                @Override
                public void checkServerTrusted(X509Certificate[] certs, String authType)
                        throws CertificateException
                {
                    checkCertificateValidity(certs);
                }
            }
        };
        return trustManager;
    }

    /**
     * Method to check the validity / expiry of the certificates.
     * Only the validity period is checked here; the chain is not
     * verified against a trust store.
     *
     * @param certs array of certificates to check
     */
    public void checkCertificateValidity(X509Certificate[] certs)
            throws CertificateException
    {
        for (X509Certificate certificate : certs)
        {
            // Explicit check of the validity period; throws
            // CertificateExpiredException or CertificateNotYetValidException
            certificate.checkValidity();
        }
    }