Java Trust Library

Java X509 Certificate Trust Library

This Java library provides an implementation of a PKI validation algorithm for X509 certificates.

The jTrust library features OCSP and CRL revocation checking, automatic CRL fallback when OCSP fails, CRL caching, and a clean architecture that is ready for a scalable trust service implementation.

Maven

The Java library is available within the e-contract.be Maven repository. Configure this Maven repository within your pom.xml as follows:

<repositories>
        <repository>
                <id>e-contract.be</id>
                <url>https://www.e-contract.be/maven2/</url>
        </repository>
</repositories>

Add the library within your pom.xml dependencies element as follows:

<dependency>
        <groupId>be.fedict.jtrust</groupId>
        <artifactId>jtrust-lib</artifactId>
        <version>2.1.0</version>
</dependency>

Usage

Next example demonstrates the basic usage of the TrustValidator.

List<X509Certificate> certificateChain = ...

TrustValidator trustValidator =
    BelgianTrustValidatorFactory.createTrustValidator();

trustValidator.isTrusted(certificateChain);

Notice: the BouncyCastle Security provider should be registered in the JCA.

Javadoc API documentation