Rampart module fails validating certificate when security provider is Bouncy
Castle
-----------------------------------------------------------------------------------
Key: AXIS2-4513
URL: https://issues.apache.org/jira/browse/AXIS2-4513
Project: Axis 2.0 (Axis2)
Issue Type: Bug
Components: modules
Affects Versions: 1.5
Environment: Java 1.5, Tomcat 6, Axis2 1.5, rampart 1.4
Reporter: Ricardo Tercero Lozano
I found an error in class 'PolicyBasedResultsValidator', method 'verifyTrust'.
This method gets de subject and issuer to operate.
String subjectString = cert.getSubjectDN().getName();
String issuerString = cert.getIssuerDN().getName();
BigInteger issuerSerial = cert.getSerialNumber();
when using Bouncy Castle as security provider 'getSubjectDN' and 'getIssuerDN'
returns a DN String representation that can be different from the one on the
certificate (which is my case).
On bouncy castle devel list, they recommend using 'getSubjectX500Principal' and
'getIssuerX500Principal' instead of 'DN' methods. These methods returns the
values on the certificate, so matching could be right.
String subjectString = cert.getSubjectX500Principal().getName();
String issuerString = cert.getIssuerX500Principal().getName();
BigInteger issuerSerial = cert.getSerialNumber();
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
