Package com.itextpdf.signatures

Class RootStoreVerifier

java.lang.Object
com.itextpdf.signatures.CertificateVerifier
com.itextpdf.signatures.RootStoreVerifier
Direct Known Subclasses:
CRLVerifier, LtvVerifier, OCSPVerifier
@Deprecated public class RootStoreVerifier extends CertificateVerifier
Deprecated.
starting from 8.0.5. CertificateChainValidator should be used instead.
Verifies a certificate against a KeyStore containing trusted anchors.

  • Field Details

    • rootStore

      protected KeyStore rootStore
      Deprecated.
      A key store against which certificates can be verified.

  • Constructor Details

    • RootStoreVerifier

      public RootStoreVerifier (CertificateVerifier verifier)
      Deprecated.
      Creates a RootStoreVerifier in a chain of verifiers.
      Parameters:
      verifier - the next verifier in the chain

  • Method Details

    • setRootStore

      public void setRootStore (KeyStore keyStore)
      Deprecated.
      Sets the Key Store against which a certificate can be checked.
      Parameters:
      keyStore - a root store

    • verify

      public List<VerificationOK> verify (X509Certificate signCert, X509Certificate issuerCert, Date signDate) throws GeneralSecurityException
      Deprecated.
      Verifies a single certificate against a key store (if present).
      Overrides:
      verify in class CertificateVerifier
      Parameters:
      signCert - the certificate to verify
      issuerCert - the issuer certificate
      signDate - the date the certificate needs to be valid
      Returns:
      a list of VerificationOK objects. The list will be empty if the certificate couldn't be verified.
      Throws:
      GeneralSecurityException - thrown if the certificate has expired, isn't valid yet, or if an exception has been thrown in Certificate#verify.