if (crlPath != null) { pkixParams.setRevocationEnabled(true); Collection<? extends CRL> crlList = loadCRL(crlPath); if (crlList != null) { pkixParams.addCertStore(CertStore.getInstance("Collection", new CollectionCertStoreParameters(crlList)));
private TrustManagerFactory loadTrustManagerFactory() throws Exception { if (trustAll) { //This is useful for testing but not should be used outside of that purpose return InsecureTrustManagerFactory.INSTANCE; } else if (truststorePath == null && (truststoreProvider == null || !"PKCS11".equals(truststoreProvider.toUpperCase()))) { return null; } else { TrustManagerFactory trustMgrFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); KeyStore trustStore = SSLSupport.loadKeystore(truststoreProvider, truststorePath, truststorePassword); boolean ocsp = Boolean.valueOf(Security.getProperty("ocsp.enable")); boolean initialized = false; if ((ocsp || crlPath != null) && TrustManagerFactory.getDefaultAlgorithm().equalsIgnoreCase("PKIX")) { PKIXBuilderParameters pkixParams = new PKIXBuilderParameters(trustStore, new X509CertSelector()); if (crlPath != null) { pkixParams.setRevocationEnabled(true); Collection<? extends CRL> crlList = loadCRL(); if (crlList != null) { pkixParams.addCertStore(CertStore.getInstance("Collection", new CollectionCertStoreParameters(crlList))); } } trustMgrFactory.init(new CertPathTrustManagerParameters(pkixParams)); initialized = true; } if (!initialized) { trustMgrFactory.init(trustStore); } return trustMgrFactory; } }
private TrustManagerFactory loadTrustManagerFactory() throws Exception { if (trustAll) { //This is useful for testing but not should be used outside of that purpose return InsecureTrustManagerFactory.INSTANCE; } else if (truststorePath == null && (truststoreProvider == null || !"PKCS11".equals(truststoreProvider.toUpperCase()))) { return null; } else { TrustManagerFactory trustMgrFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); KeyStore trustStore = SSLSupport.loadKeystore(truststoreProvider, truststorePath, truststorePassword); boolean ocsp = Boolean.valueOf(Security.getProperty("ocsp.enable")); boolean initialized = false; if ((ocsp || crlPath != null) && TrustManagerFactory.getDefaultAlgorithm().equalsIgnoreCase("PKIX")) { PKIXBuilderParameters pkixParams = new PKIXBuilderParameters(trustStore, new X509CertSelector()); if (crlPath != null) { pkixParams.setRevocationEnabled(true); Collection<? extends CRL> crlList = loadCRL(); if (crlList != null) { pkixParams.addCertStore(CertStore.getInstance("Collection", new CollectionCertStoreParameters(crlList))); } } trustMgrFactory.init(new CertPathTrustManagerParameters(pkixParams)); initialized = true; } if (!initialized) { trustMgrFactory.init(trustStore); } return trustMgrFactory; } }
if (crlPath != null) { pkixParams.setRevocationEnabled(true); Collection<? extends CRL> crlList = loadCRL(crlPath); if (crlList != null) { pkixParams.addCertStore(CertStore.getInstance("Collection", new CollectionCertStoreParameters(crlList)));
private TrustManagerFactory loadTrustManagerFactory() throws Exception { if (trustAll) { //This is useful for testing but not should be used outside of that purpose return InsecureTrustManagerFactory.INSTANCE; } else if (truststorePath == null && (truststoreProvider == null || !"PKCS11".equals(truststoreProvider.toUpperCase()))) { return null; } else { TrustManagerFactory trustMgrFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); KeyStore trustStore = SSLSupport.loadKeystore(truststoreProvider, truststorePath, truststorePassword); boolean ocsp = Boolean.valueOf(Security.getProperty("ocsp.enable")); boolean initialized = false; if ((ocsp || crlPath != null) && TrustManagerFactory.getDefaultAlgorithm().equalsIgnoreCase("PKIX")) { PKIXBuilderParameters pkixParams = new PKIXBuilderParameters(trustStore, new X509CertSelector()); if (crlPath != null) { pkixParams.setRevocationEnabled(true); Collection<? extends CRL> crlList = loadCRL(); if (crlList != null) { pkixParams.addCertStore(CertStore.getInstance("Collection", new CollectionCertStoreParameters(crlList))); } } trustMgrFactory.init(new CertPathTrustManagerParameters(pkixParams)); initialized = true; } if (!initialized) { trustMgrFactory.init(trustStore); } return trustMgrFactory; } }
if (crlPath != null) { pkixParams.setRevocationEnabled(true); Collection<? extends CRL> crlList = loadCRL(crlPath); if (crlList != null) { pkixParams.addCertStore(CertStore.getInstance("Collection", new CollectionCertStoreParameters(crlList)));
if (crlPath != null) { pkixParams.setRevocationEnabled(true); Collection<? extends CRL> crlList = loadCRL(crlPath); if (crlList != null) { pkixParams.addCertStore(CertStore.getInstance("Collection", new CollectionCertStoreParameters(crlList)));