I have a list of X509 CRL’s. I need to identify some of them somehow. Right now I do it using issuer: But there’s gotta be a better way to do that using knowledge of CRL file format, maybe with comparing public keys or something like that, but I don’t know much about X509CRL’s. Can som…
Tag: x509certificate
How to generate self-signed certificate in Java with JDK17
tl,dr; Is there a native Java17 solution to generate self-signed certificate, either via standard library (very unlikely) or some slim, lightweight library? There is a similar question (Access `sun.security.x509` in JDK 11 without modules?, asked by me) because starting with JDK11 access to internal JDK packa…
Authorized responder for an OCSP response not validating with CertPathValidator
I’m trying to validate a certificate path with stapled OCSP checking through CertPathValidator. There might be some RFC-protocol that prohibits what I expect to validate just fine, but I’ve been unable to find this. Some paint art to describe relations between certificates discussed: overview When…
java.lang.NoSuchMethodError: org.bouncycastle.asn1.x509.GeneralName.getDERObject()
I have done migrating project from itext2.1.7.jar to itext5.5.13.jar but While testing the pdf which are having signatures am getting the below error: java.lang.NoSuchMethodError: org.bouncycastle.asn1.x509.GeneralName.getDERObject() This is the method where I am getting error: In my class path I have placed:…
Decrypt file using .pfx certificate in Java
I have an .pfx file and a password for the file. I would like to decrypt a RSA encrypted file using Java. Basically the same approach like here (c#), but in java: https://stackoverflow.com/a/37894914/13329087 is this possible? my approach so far: this produces an Error: Answer Unfortunately you didn’t p…
KeyUsage does not allow digital signatures
I’m trying to send HTTPS request from my Java EE program to the host that requires certificate authentication. I have a proper keystore file, truststore with imported CA, the listing of both shows that certificates are inside. But I receive the following error: Viewing the certificate contents in the pa…
How to extract CN from X509Certificate in Java?
I am using a SslServerSocket and client certificates and want to extract the CN from the SubjectDN from the client’s X509Certificate. At the moment I call cert.getSubjectX500Principal().getName() but this of course gives me the total formatted DN of the client. For some reason I am just interested in th…