我有一個證書鏈作爲der編碼的byte [] []數組來驗證。我也有一個信任庫文件。驗證來自truststore的Java證書鏈
當我從該字節數組[] []創建X509Certificate []並初始化trustmanager後,如何告訴TrustManager驗證X509Certificate []?什麼是正確的方法來做到這一點?
謝謝。
示例代碼:
int certVerify(byte certChain[][])
{
CertificateFactory cf = CertificateFactory.getInstance("X509");
X509Certificate certx[] = new X509Certificate[10];
for(int i=0;i<certChain.length;i++)
{
certx[i] = (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(certChain[i]));
}
KeyStore keyStore = KeyStore.getInstance("JKS");
keyStore.load(new FileInputStream("cacerts.jks"),"123456".toCharArray());
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(keyStore);
}