Categories:
Android (13)
Apple Mac (27)
DH Keys (39)
DSA Keys (83)
EC Keys (2461)
Firefox (30)
General (10)
Google Chrome (25)
Intermediate CA (152)
Java VM (29)
JDK Keytool (28)
Microsoft CertUtil (29)
Microsoft Edge (9)
Mozilla CertUtil (21)
OpenSSL (236)
Other (7)
Portecle (38)
Publishers (6619)
Revoked Certificates (16)
Root CA (85)
RSA Keys (5332)
Tools (46)
Tutorial (1)
What Is (22)
Windows (127)
Collections:
Other Resources:
Server Certificate Validation In Java
How a Java application validates the certificate received from a server? Is the server's certificate automatically trusted?
✍: FYIcenter.com
No. Server's certificate will not be automatically trusted by any Java application. When a Java application receives a certificate from a server, it will try to validate the certificate again trusted certificates following these rules:
1. If JVM system properties: javax.net.ssl.trustStore and javax.net.ssl.trustStorePassword are defined, Java application will search for trusted certificates in the keystore file specified injavax.net.ssl.trustStore.
2. If javax.net.ssl.trustStore is not defined, Java application will search for trusted certificates in the default keystore file located at $JAVA_HOME/lib/security/jssecacerts.
3. If $JAVA_HOME/lib/security/jssecacerts does not exist, Java application will search for trusted certificates in the default keystore file located at $JAVA_HOME/lib/security/cacerts.
4. If a trusted certificate is found and it matches the root certificate in the certificate chain of the server certificate, the server certificate will be considered as trusted and the communication with server will continue.
5. If no trusted certificate is found to match the root certificate in the certificate chain of the server certificate, the server certificate will be considered as not trusted and the communication with server will stop. A Java exception error will be returned.
⇒ What Is JKS (Java KeyStore) File
⇐ Using Certificates with Java VM
2012-07-21, 7265🔥, 0💬
Popular Posts:
Certificate Summary: Subject: www.elegantthemes.com Issuer: GeoTrust Extended Validation SSL CA Expi...
Certificate Summary: Subject: Equifax Secure Certificate Authority Issuer: Equifax Secure Certificat...
Certificate summary - Owner: *.oakley.com, Akamai Wildcard SSL, Oakley, L=Foothill Ranch, ST=CALIFOR...
Certificate summary - Owner: espn.go.com, WDIG, "Disney Enterprises, Inc", L=Seattle, ST=Washington,...
How to view Java user-level trusted certificates using Java Control Panel? To view Java user-level t...