我正在尝试检查链(3个证书):
CertPath certPath = new X509CertPath(chainCertificates);
CertPathValidator validator = CertPathValidator.getInstance("PKIX");
try {
validator.validate(certPath, new PKIXParameters(Collections.singleton(trustAnchor)));
} catch (CertPathValidatorException e) {
//exception here
}
因此,如果我将根证书用作TrustAnchor,则一切正常。但是,如果我尝试使用“中级”证书,则会出现以下异常:
java.security.cert.CertPathValidatorException: Path does not chain with any of the trust anchors
是否有任何“标准”方法来针对“中间”证书或根证书和“中间”证书来验证证书链?