Details
-
Type: Bug
-
Status: Closed
-
Priority: Major
-
Resolution: Fixed
-
Affects Version/s: 6.2.5
-
Fix Version/s: 6.3
-
Component/s: Core/Parsing
-
Labels:None
-
Environment:any
Description
A customer has encountered a signature that is not correctly validated by our validation method. Further analysis is required.
The signature in question contains three certificates chained together. The structure looks something like this:
-SwissSign Qualified Platinum CA 2010 - G2
The original verification code was not correctly passing the intermediate certificates when building the trust anchors and thus verification would always fail. The nice part about his change is that the SwissSign root certification is already added as a trusted cert in the jre keystore. Which means there is no further keystore work required by the end user to verify this signature.
Nice green "validates" icons are now shown.