Example usage for java.security.cert CertPathValidatorResult toString

List of usage examples for java.security.cert CertPathValidatorResult toString

  1. HOME
  2. Java
  3. java
  4. java.security.cert.*
  5. CertPathValidatorResult
  6. toString

Introduction

In this page you can find the example usage for java.security.cert CertPathValidatorResult toString.

Prototype

public String toString()

Source Link

Document

Returns a string representation of the object.

Usage

From source file:com.vmware.identity.idm.server.clientcert.IdmCertificatePathValidator.java

/**
 * Validate the certificate path using a provided OCSP responder configuration.
 *
 * @param certPath      required//  w  w  w . ja va  2  s . co  m
 * @param crlCollection
 * @param certStore     null possible cert store for PKIX param
 * @param altOCSP       null possible
 * @throws CertificateRevocationCheckException
 * @throws IdmCertificateRevokedException
 */
private void validateCertPath(CertPath certPath, Collection<Object> crlCollection, CertStore certStore,
        AlternativeOCSP altOCSP) throws CertificateRevocationCheckException, IdmCertificateRevokedException {

    setupOCSPOptions(certPath, altOCSP);
    PKIXParameters params = createPKIXParameters(crlCollection);

    if (null != certStore) {
        params.addCertStore(certStore);
    }

    CertPathValidator certPathValidator;
    try {
        certPathValidator = CertPathValidator.getInstance("PKIX");
    } catch (NoSuchAlgorithmException e) {
        throw new CertificateRevocationCheckException("Error getting PKIX validator instance:" + e.getMessage(),
                e);
    }

    try {
        String pkiParam = params.toString();
        logger.trace("**Certificate Path Validation Parameters trust anchors **\n"
                + params.getTrustAnchors().toString() + "\n");

        logger.trace("**Certificate Path Validation Parameters **\n" + pkiParam + "\n");

        CertPathValidatorResult result = certPathValidator.validate(certPath, params);

        logger.trace("**Certificate Path Validation Result **\n" + result.toString() + "\n");
    } catch (CertPathValidatorException e) {
        if (e.getReason() == CertPathValidatorException.BasicReason.REVOKED) {
            throw new IdmCertificateRevokedException("CRL shows certificate status as revoked");
        } else if (e.getReason() == CertPathValidatorException.BasicReason.UNDETERMINED_REVOCATION_STATUS) {
            throw new CertRevocationStatusUnknownException(
                    "CRL checking could not determine certificate status.");
        }
        throw new CertificateRevocationCheckException("Certificate path validation failed:" + e.getMessage(),
                e);
    } catch (InvalidAlgorithmParameterException e) {
        throw new CertificateRevocationCheckException(
                "Certificate validation parameters invalid, could not validate certificate path:"
                        + e.getMessage(),
                e);
    }

}