seeker
seeker

Reputation: 7011

How to verify a certificate using .cer file in Java

I'm trying to verify a certificate , that was given to me using Java, in the following manner

        try{
        FileInputStream fr = new FileInputStream(pathtoCertificate);
        CertificateFactory cf =   CertificateFactory.getInstance("X509");
        X509Certificate c = (X509Certificate) 
                            cf.generateCertificate(fr);
        System.out.println("++++Certificate Verification++++++++");
        PublicKey pk = c.getPublicKey();
        c.verify(pk);....//63
System.out.println("++This certificate is VALID++");
    .....

    }
    catch(CertificateException e){
                e.printStackTrace();
                System.out.println("Certificate is Invalid");
            }

However, I keep getting the following error

java.security.SignatureException: Signature does not match.
    at sun.security.x509.X509CertImpl.verify(Unknown Source)
    at sun.security.x509.X509CertImpl.verify(Unknown Source)
    at Main.printCertificate(Main.java:63)
    at Main.main(Main.java:41)

I've only been provided with a certificate file(which I need to verify), a private key(corresponding to the above file ) and a certificate from a CA. I'm quite new to Java Security. So any thoughts on how I could verify the certificate file would be great.

Upvotes: 4

Views: 7106

Answers (1)

seeker
seeker

Reputation: 7011

Well I finally figured it out. For folks who may reach here in the future. The reason the error was being thrown is that the certificate in my case was not self signed . Therefore I merely had to use the certificate issued by the CA(as mentioned in my Q) to verify the public key. The rest remained the same.

Upvotes: 3

Related Questions