[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[iaik-jce] TrustManager cert chain validation



Hi folks,
 
just a quick question regarding the cert validation capabilities of the TrustManager:
 
Assuming I have initialised the TM with a root CA, (explicitly trusted for digital signature), is it possible to present an end-entity certificate (previously issued by the trusted CA) and have TM build the path from the end-entity cert up to the CA?
 
I've been playing around with TM, and I'm having trouble trying to get this simple task to work. It seems like the TM does not construct the cert path at all. When calling Trustmanager.getTrustedCertChain(), I only get the end-entity cert.
 
Am I missing something obvious, or does TM not currently construct cert paths?
 
If it's a case of me missing something obvious, does anyone have some demo programs that might help me out?
 
Any help would be appreciated!
 
Thanks,
 
Andy