WebApp Sec mailing list archives

Re: How to perform SSL certificate validation ?

From: Jason <security () brvenik com>
Date: Sat, 15 Jul 2006 23:15:04 -0400


paseidon76 () yahoo com wrote:

If you are using Java then IAIK library provides excellent support
for everything you need to do with certificate validation. 
http://jcewww.iaik.tu-graz.ac.at/


Why wouldn't one use the native capabilities of Java?

I know less than a little about java but these _should_ be all you need...

import java.security.KeyStore;
import java.security.cert.Certificate;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.SSLContext;


In addition to building a chain to a trusted root CA (which will need
a trusted root store and all the intermediate CA certificates) you
may want to verify if the CA's cert was revoked by the root. This can
be done by OCSP request/ reply.

yup


-------------------------------------------------------------------------
 Sponsored by: Watchfire

Cross-Site Scripting (XSS) is one of the most common
application-level attacks that hackers use to sneak into web
applications today. This whitepaper will discuss how traditional CSS
attacks are performed, how to secure your site against these attacks
and check if your site is protected. Cross-Site Scripting Explained -
Download this whitepaper today!

https://www.watchfire.com/securearea/whitepapers.aspx?id=701500000008Vmr
 
--------------------------------------------------------------------------


-------------------------------------------------------------------------
Sponsored by: Watchfire

Cross-Site Scripting (XSS) is one of the most common application-level 
attacks that hackers use to sneak into web applications today. This 
whitepaper will discuss how traditional CSS attacks are performed, how to 
secure your site against these attacks and check if your site is protected. 
Cross-Site Scripting Explained - Download this whitepaper today!

https://www.watchfire.com/securearea/whitepapers.aspx?id=701500000008Vmr
--------------------------------------------------------------------------

Current thread:

Re: How to perform SSL certificate validation ?, (continued)
- Re: How to perform SSL certificate validation ? Ron (Jul 10)
- RE: How to perform SSL certificate validation ? Dominick Baier (Jul 10)
- Re: How to perform SSL certificate validation ? Max (Jul 12)
  - Re: How to perform SSL certificate validation ? Nagareshwar Talekar (Jul 13)
- How to perform SSL certificate validation ? Nagareshwar Talekar (Jul 10)
- RE: How to perform SSL certificate validation ? Wall, Kevin (Jul 11)
  - Re: How to perform SSL certificate validation ? Nagareshwar Talekar (Jul 11)
    - Message not available
    - Fwd: How to perform SSL certificate validation ? Mugdha Bendre (Jul 11)
    - Re: Fwd: How to perform SSL certificate validation ? Devdas Bhagat (Jul 30)
- Re: How to perform SSL certificate validation ? paseidon76 (Jul 15)
  - Re: How to perform SSL certificate validation ? Jason (Jul 15)