complete certificate path validation

Florian Weimer fweimer at bfk.de
Tue Jul 12 00:20:58 PDT 2011


* David Pomeroy:

> It looks like the Sun JSSE provider does not support this
> configuration.

If you supply your own X509TrustManager implementation, I'm pretty sure
you can get it to work.  It definitely works if the client supplies a
self-signed certificate, and I see no reason why it wouldn't if it's not
self-signed.

-- 
Florian Weimer                <fweimer at bfk.de>
BFK edv-consulting GmbH       http://www.bfk.de/
Kriegsstraße 100              tel: +49-721-96201-1
D-76133 Karlsruhe             fax: +49-721-96201-99



More information about the security-dev mailing list