Package com.itextpdf.signatures

Class CertificateVerifier

java.lang.Object
com.itextpdf.signatures.CertificateVerifier
Direct Known Subclasses:
RootStoreVerifier
public class CertificateVerifier extends Object
Superclass for a series of certificate verifiers that will typically be used in a chain. It wraps another CertificateVerifier that is the next element in the chain of which the verify() method will be called.

  • Field Details

    • verifier

      protected CertificateVerifier verifier
      The previous CertificateVerifier in the chain of verifiers.

    • onlineCheckingAllowed

      protected boolean onlineCheckingAllowed
      Indicates if going online to verify a certificate is allowed.

  • Constructor Details

    • CertificateVerifier

      public CertificateVerifier (CertificateVerifier verifier)
      Creates the final CertificateVerifier in a chain of verifiers.
      Parameters:
      verifier - the previous verifier in the chain

  • Method Details

    • setOnlineCheckingAllowed

      public void setOnlineCheckingAllowed (boolean onlineCheckingAllowed)
      Decide whether or not online checking is allowed.
      Parameters:
      onlineCheckingAllowed - a boolean indicating whether the certificate can be verified using online verification results.

    • verify

      public List<VerificationOK> verify (X509Certificate signCert, X509Certificate issuerCert, Date signDate) throws GeneralSecurityException
      Checks the validity of the certificate, and calls the next verifier in the chain, if any.
      Parameters:
      signCert - the certificate that needs to be checked
      issuerCert - its issuer
      signDate - the date the certificate needs to be valid
      Returns:
      a list of VerificationOK objects. The list will be empty if the certificate couldn't be verified.
      Throws:
      GeneralSecurityException - thrown if the certificate has expired, isn't valid yet, or if an exception has been thrown in Certificate#verify.