List of usage examples for org.bouncycastle.cert.ocsp OCSPException OCSPException
public OCSPException(String name)
From source file:ee.ria.xroad.signer.certmanager.OcspClient.java
License:Open Source License
static OCSPResp fetchResponse(X509Certificate subject, X509Certificate issuer, PrivateKey signerKey, X509Certificate signer, String signAlgoId) throws Exception { List<String> responderURIs = GlobalConf.getOcspResponderAddresses(subject); log.trace("responder URIs: {}", responderURIs); if (responderURIs.isEmpty()) { throw new ConnectException("No OCSP responder URIs available"); }/*from w ww . j a va2s . co m*/ for (String responderURI : responderURIs) { try { log.trace("fetch response from: {}", responderURI); return fetchResponse(responderURI, subject, issuer, signerKey, signer, signAlgoId); } catch (Exception e) { log.error("Unable to fetch response from responder at {}", responderURI, e); } } throw new OCSPException("Unable to get valid OCSP response from any responders"); }
From source file:ee.ria.xroad.signer.certmanager.OcspClient.java
License:Open Source License
private static void verifyResponse(OCSPResp response) throws Exception { int responseStatus = response.getStatus(); if (responseStatus == OCSPResponseStatus.SUCCESSFUL) { return;// ww w . jav a2 s. c om } if (responseStatus == OCSPResponseStatus.SIG_REQUIRED) { throw new OCSPException("OCSP responder requires request to be signed"); } throw new OCSPException("Invalid OCSP response status: " + responseStatus); }