From: Mattias J <ma...@ex...> - 2004-07-21 11:04:52
While browsing around the Hermes source code, it seems that the only place
the trusted signing certificates, i.e.
    <DigitalSignature>
      <TrustedAnchor>
        <KeyStore>
          <Path>/hermes</Path>
          <File>cacerts</File>
          <Password>changeit</Password>
        </KeyStore>
      </TrustedAnchor>
      ...
are actually used, is in this code from
hk.hku.cecid.phoenix.pki.ApacheXMLDSigner
    if (ret == true && trusted != null && certs != null
            && certs.length > 1 && javaVersion >= 1.4) {

        logger.debug("start verifying cert path");
        ret = CertPathVerifier.verify(certs, trusted);
        logger.debug("verified, result: " + ret);
    } else {
        logger.debug("verification of cert path skipped");
    }
It seems to me, by reading the code (and verifying by some brief testing),
that this implies that self-signed certificates are always trusted, since
the length of their certificate path is always exactly one. Is this
expected behaviour? (Why?) Or should the if statement read certs.length > 0
instead?
It also seems that the trusted certificates can only be used for JDK 1.4
and above, not 1.3.1. Is this documented somewhere?
Or have I misunderstood this altogether? (I have not dug very deep into
it). Is it only the path itself that is verified? Where then are individual
certificates (including self-signed) verified to be trusted?
Or is the signing certificate itself not supposed to be inserted into the
trusted store, but only its CA certificate (as suggested by the filename
in the default setting)? Isn't this opposed to how SSL seems to work (/should
work), or have I misunderstood the SSL part? (I have so far worked
exclusively with self-signed SSL certificates)
(Anyway, since self-signed certificates are their own CA certificate, they
would/should have to be trusted).
Thanks in advance
Mattias Jiderhamn
Expert Systems
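
An added example, not part of the original post and not Hermes code: one way to check a signer chain against the trusted store without skipping chains of length one, using only the JDK's java.security.cert API. The names TrustCheck and isTrusted are hypothetical, the chain is assumed to be ordered signer first, and the keystore and PEM chain are read from paths given on the command line.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.cert.*;
import java.util.ArrayList;
import java.util.List;
// Added example, not Hermes code; TrustCheck and isTrusted are hypothetical names.
public class TrustCheck {
    // Assumes certs is ordered signer first, as a Java certificate chain usually is.
    static boolean isTrusted(X509Certificate[] certs, KeyStore trusted) {
        try {
            if (certs == null || certs.length == 0 || trusted == null) return false; // fail closed
            // A signer certificate stored as a trusted entry needs no path, only valid dates.
            if (trusted.getCertificateAlias(certs[0]) != null) {
                certs[0].checkValidity();
                return true;
            }
            // PKIX paths exclude the anchor, so stop at the first certificate found in the store.
            List<X509Certificate> path = new ArrayList<>();
            for (X509Certificate c : certs) {
                if (trusted.getCertificateAlias(c) != null) break;
                path.add(c);
            }
            CertPath cp = CertificateFactory.getInstance("X.509").generateCertPath(path);
            PKIXParameters params = new PKIXParameters(trusted);
            params.setRevocationEnabled(false); // assumption: no CRL/OCSP source is configured
            // A lone self-signed certificate that is not in the store fails here.
            CertPathValidator.getInstance("PKIX").validate(cp, params);
            return true;
        } catch (GeneralSecurityException e) {
            return false; // no anchor, bad signature, expired, or unusable store
        }
    }
    // Usage: java TrustCheck <keystore> <password> <chain.pem>
    public static void main(String[] args) throws Exception {
        KeyStore trusted = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = new FileInputStream(args[0])) {
            trusted.load(in, args[1].toCharArray());
        }
        List<X509Certificate> chain = new ArrayList<>();
        try (InputStream in = new FileInputStream(args[2])) {
            for (Certificate c : CertificateFactory.getInstance("X.509").generateCertificates(in)) {
                chain.add((X509Certificate) c);
            }
        }
        System.out.println(isTrusted(chain.toArray(new X509Certificate[0]), trusted));
    }
}
```

Run against a store that does not contain the certificate, a single self-signed certificate yields false here, whereas a guard of certs.length > 1 never reaches the path check for it.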