use of ee.ria.xroad.common.cert.CertChain in project X-Road by nordic-institute.
the class AuthTrustVerifier method verifyAuthCert.
private static void verifyAuthCert(ClientId serviceProvider, X509Certificate[] certs, URI address) throws Exception {
CertChain chain;
List<OCSPResp> ocspResponses;
try {
List<X509Certificate> additionalCerts = Arrays.asList((X509Certificate[]) ArrayUtils.subarray(certs, 1, certs.length));
chain = CertChain.create(serviceProvider.getXRoadInstance(), certs[0], additionalCerts);
ocspResponses = getOcspResponses(chain.getAllCertsWithoutTrustedRoot(), address.getHost());
} catch (CodedException e) {
throw e.withPrefix(X_SSL_AUTH_FAILED);
}
CertHelper.verifyAuthCert(chain, ocspResponses, serviceProvider);
}
Aggregations