[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[iaik-ssl] Verify certificate



I am using the SSLSocket for a simple SSL connection, but I cannot seem
to be able to verify the server certificate. The code I use is as
follows:

    String host="10.10.0.2";

    SSLClientContext context = new SSLClientContext();
    SSLSocket s = new SSLSocket(host, 443, context);
    s.startHandshake();
    X509Certificate[] cert = s.getPeerCertificateChain();
    ChainVerifier verifier = new ChainVerifier();
    if (verifier.verifyChain(cert, null))
	System.out.println("OK");
    else
	System.out.println("Not OK");
 
The host I am connecting to only has a self signed certificate, which I
suppose should not be trusted.  The verifyChain() does however return
true. I guess I am missing something obvious...

Any help is appreciated.

Mårten
-----------------------------------------------------------------
VerifyEasy AB

Mårten Larsson | Stadsgården 10 | S-116 45  Stockholm | SWEDEN
Tel: +46-(0)8-52752503 | Fax: +46-(0)8-52752599 | Mobile:
+46-(0)704-611902 
:::::::::::::::::::::::::::::::::::::::: http://www.verifyeasy.com
--
Mailinglist-archive at http://jcewww.iaik.at/mailarchive/iaik-ssl/sslthreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content: UNSUBSCRIBE iaik-ssl