仅考虑客户端的java.security.cert.X509Certificate,如何使用OCSP在Java中手动检查证书吊销状态?我看不到明确的方法。
或者,我可以让tomcat自动为我做这件事,您怎么知道您的解决方案是正确的?
我找到了一个最出色的解决方案:
http://www.docjar.com/html/api/sun/security/provider/certpath/OCSP.java.html
/**
54 * This is a class that checks the revocation status of a certificate(s) using
55 * OCSP. It is not a PKIXCertPathChecker and therefore can be used outside of
56 * the CertPathValidator framework. It is useful when you want to
57 * just check the revocation status of a certificate, and you don't want to
58 * incur the overhead of validating all of the certificates in the
59 * associated certificate chain.
60 *
61 * @author Sean Mullan
62 */
它具有完成此操作的方法check(X509Certificate clientCert,X509Certificate issuerCert)!
本文收集自互联网,转载请注明来源。
如有侵权,请联系 [email protected] 删除。
我来说两句