try {
certFactory = CertificateFactory.getInstance("X.509");
messageDigest = MessageDigest.getInstance("SHA-256"); // use this to clone
- tmf = TrustManagerFactory.getInstance(SecurityInfoC.SslKeyManagerFactoryAlgorithm);
+ tmf = TrustManagerFactory.getInstance(SecurityInfoC.SSL_KEY_MANAGER_FACTORY_ALGORITHM);
} catch (Exception e) {
throw new RuntimeException("X.509 and SHA-256 are required for X509Taf",e);
}
if(certarr!=null && certarr.length>0) {
si.checkClientTrusted(certarr);
// Note: If the Issuer is not in the TrustStore, it's not added to the Cert list
- if(cadiIssuers.contains(certarr[0].getIssuerDN().toString())) {
+ String issuer = certarr[0].getIssuerDN().toString();
+ if(cadiIssuers.contains(issuer)) {
String subject = certarr[0].getSubjectDN().getName();
// avoiding extra object creation, since this is validated EVERY transaction with a Cert
int at = subject.indexOf('@');