Doesn't accepting any certificate defeats the purpose of authentication? If you
want to accept any certificate, then you are not doing any authentication.
If you have written your own Realm, then do the verification on your realm
against your dynamic truststore.
-Original Message-
Hi Jorge, thx for your quick reply.
Maybe I did not explain my problem well enough, so let me elaborate it a
bit more.
In our platform clients can upload their self-signed certificates to
allow them to login to our platform.
If we add all client certificates to the static truststore file
Luciana Moreira Sa de Souza Signed by - PrivaSphere AG
s...@privasphere.com wrote in message
news:4afaead4.30...@privasphere.com...
Hi Jorge, thx for your quick reply.
Maybe I did not explain my problem well enough, so let me elaborate it a
bit more.
In our platform clients can upload