I've searched quite
a bit but have found nothing on how to get WSS4J to verify the root X509
certificate. Can anyone tell me how or point me to an
example?
I am using WSS4J
programatically (not under Axis) to sign and verify SOAP messages. Using
the WSSecSignature and WSSecurityEngine classes I have gotten thing
things working well except that the root certificate is not
verified. I have been using a self-signed cert for testing and passing the
cert in the BinarySecurityToken. Any certificate seems to be trusted, in
fact I can even use an empty keystore on the server.
Rick
Hansen
