Reputation: 449
I need to validate X509 Certificate using OCSP using http proxy. Here is my code:
List<X509Certificate> certificates = Collections.singletonList(certificate);
CertPath cp = factory.generateCertPath(certificates);
Set<TrustAnchor> trust = new HashSet<>();
trust.add(new TrustAnchor(issuerCertificate, null));
PKIXParameters params = new PKIXParameters(trust);
params.setRevocationEnabled(true);
CertPathValidator cpv =
CertPathValidator.getInstance(CertPathValidator.getDefaultType());
PKIXCertPathValidatorResult validationResult =
(PKIXCertPathValidatorResult) cpv.validate(cp, params);
I know, that I can set proxy using System.setProperty("http.proxyHost", "...") but I need to set it only for my request, not for whole system.
Upvotes: 2
Views: 1203
Reputation: 449
I found the easiest way to write own OCSP verification code based on one of Apache Open Source projects Apache Open Source projects and extend it to use configurable HTTP proxy for request
Upvotes: 0