Colm - No, I don't have any better suggestions. In fact, subclassing Merlin and adding a method to configure additional PKIX parameters is exactly what I did.
Thanx, Stephen W. Chappell -----Original Message----- From: Colm O hEigeartaigh [mailto:cohei...@apache.org] Sent: Friday, April 03, 2015 9:47 AM To: users@cxf.apache.org Subject: Re: Using a custom CertPathChecker Hi Stephen, There is no way to add CertPathCheckers at the moment, beyond subclassing Merlin and overriding the "verifyTrust" method. I could add a method to customize the PKIXParameters object though, that could be overridden by a subclass though which would be better. Or do you have any other suggestions? Colm. On Tue, Mar 24, 2015 at 8:11 PM, <stephen.ctr.chapp...@faa.gov> wrote: > I have a requirement to use a custom CertPathChecker in my code. With > "bare" JVM, I can add the checker to my PKIXParameters and validate away. > But, using Merlin (in WSS4J 1.6.17), there don't appear to be any > hooks to add a custom checker or customize the PKIXParameters that are being > used. > Is there some other means for adding a custom checker to the list that > isn't so obvious? I could subclass Merlin and sort of brute force it > in if necessary, but if there's another way to set that up I would > much rather do that. > > Stephen W. Chappell > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com