如何通过CertPathValidator
轻松将撤销的证书附加到证书验证?
这是我目前的代码:
public boolean validateCertificate(X509Certificate certificate) {
try {
// Create trust anchor from current CA X509Certificate
TrustAnchor trustAnchor = new TrustAnchor(this.getCACertificate(), null);
// This is the certificate which should be validated
CertPath cp = CertificateFactory.getInstance("X.509").generateCertPath(Collections.singletonList(certificate));
CertPathValidator cpv = CertPathValidator.getInstance("PKIX");
// TODO: Add the list with the revoked certificates
List<X509Certificate> crl = new ArrayList<>();
PKIXParameters pkixParams = new PKIXParameters(Collections.singleton(trustAnchor));
pkixParams.setRevocationEnabled(false);
CertPathValidatorResult result = cpv.validate(cp, pkixParams);
return true;
} catch (Exception e) {
// e.printStackTrace();
return false;
}
}
我阅读了很多,但我没有找到任何简单的解决方案,因为我目前没有使用KeyStore
或CertStore
。
提前致谢!