使用openssl时,在ssl测试中提示“此服务器的证书链不完整。等级限制为B”。但是,使用jdkssl时,获得了完整的证书链。
openssl的功能或我的配置不正确吗?
以下是验证客户端代码。
SSLContext context = SSLContext.getInstance("TLS");
X509TrustManager x509m = new X509TrustManager() {
@Override
public X509Certificate[] getAcceptedIssuers() {
System.out.println("getAcceptedIssuers......");
return null;
}
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType)
throws CertificateException {
System.out.println("checkServerTrusted......");
//When I use jdkssl the chain'value is all of my server configured.
//But when openssl the chain'value only one
//Why this happened? is my server configuration incorrect or this is openssl's feature?
}
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType)
throws CertificateException {
System.out.println("checkClientTrusted......");
}
};
context.init(null, new TrustManager[] { x509m }, new SecureRandom());