Categories:
Android (13)
Apple Mac (27)
DH Keys (39)
DSA Keys (83)
EC Keys (2463)
Firefox (30)
General (10)
Google Chrome (25)
Intermediate CA (152)
Java VM (29)
JDK Keytool (28)
Microsoft CertUtil (29)
Microsoft Edge (9)
Mozilla CertUtil (21)
OpenSSL (236)
Other (7)
Portecle (38)
Publishers (6622)
Revoked Certificates (16)
Root CA (85)
RSA Keys (5335)
Tools (46)
Tutorial (1)
What Is (22)
Windows (127)
Collections:
Other Resources:
Server Certificate Validation In Java
How a Java application validates the certificate received from a server? Is the server's certificate automatically trusted?
✍: FYIcenter.com
No. Server's certificate will not be automatically trusted by any Java application. When a Java application receives a certificate from a server, it will try to validate the certificate again trusted certificates following these rules:
1. If JVM system properties: javax.net.ssl.trustStore and javax.net.ssl.trustStorePassword are defined, Java application will search for trusted certificates in the keystore file specified injavax.net.ssl.trustStore.
2. If javax.net.ssl.trustStore is not defined, Java application will search for trusted certificates in the default keystore file located at $JAVA_HOME/lib/security/jssecacerts.
3. If $JAVA_HOME/lib/security/jssecacerts does not exist, Java application will search for trusted certificates in the default keystore file located at $JAVA_HOME/lib/security/cacerts.
4. If a trusted certificate is found and it matches the root certificate in the certificate chain of the server certificate, the server certificate will be considered as trusted and the communication with server will continue.
5. If no trusted certificate is found to match the root certificate in the certificate chain of the server certificate, the server certificate will be considered as not trusted and the communication with server will stop. A Java exception error will be returned.
⇒ What Is JKS (Java KeyStore) File
⇐ Using Certificates with Java VM
2012-07-21, 7267🔥, 0💬
Popular Posts:
How to get certificate detailed properties in Windows PowerShell? You can get detailed properties of...
What EC curves are supported by OpenSSL for generating EC keys? I want a list of all EC curves. If y...
Certificate summary - Owner: GeoTrust Extended Validation SSL CA, See www.geotrust.com/resourc es/cps...
Certificate Summary: Subject: GlobalSign Organization Validation CA - SHA256 - G2 Issuer: GlobalSign...
How to import a my certificate signed by a CA back to my private key and public key entry in my keys...