我想了解有关SignerCTest的一些信息,因为实际上我有一些问题:
在我的主班:
public class XadesTest{
public static void main(String[] args) throws Exception {
SignerCTest signerCTest = new SignerCTest();
System.out.println("signerCTest : " + signerCTest.toString());
signerCTest.testSignC();
}
在我的SignerCTest.class中:
public class SignerCTest extends SignerTestBase
{
//@Test
public void testSignC() throws Exception
{
System.out.println("signC");
Document doc = getTestDocument();
Element elemToSign = doc.getDocumentElement();
ValidationDataProvider vdp = new ValidationDataFromCertValidationProvider(VerifierTestBase.validationProviderNist);
SignerC signer = (SignerC)new XadesCSigningProfile(keyingProviderNist, vdp).newSigner();
new Enveloped(signer).sign(elemToSign);
outputDocument(doc, "document.signed.c.xml");
}
}
我有这些错误:
signerCTest : xadestest.SignerCTest@345b43
signC
Exception in thread "main" xades4j.providers.ValidationDataException: Cannot validate certificate: unable to find valid certification path to requested target
at xades4j.providers.impl.ValidationDataFromCertValidationProvider.getValidationData(ValidationDataFromCertValidationProvider.java:54)
at xades4j.production.SignerC.getFormatSpecificSignatureProperties(SignerC.java:70)
at xades4j.production.SignerBES.sign(SignerBES.java:200)
at xades4j.production.Enveloped.sign(Enveloped.java:69)
at xadestest.SignerCTest.testSignC(SignerCTest.java:45)
at xadestest.XadesTest.main(XadesTest.java:84)
Caused by: xades4j.providers.CannotBuildCertificationPathException: unable to find valid certification path to requested target
at xades4j.providers.impl.PKIXCertificateValidationProvider.validate(PKIXCertificateValidationProvider.java:142)
at xades4j.providers.impl.ValidationDataFromCertValidationProvider.getValidationData(ValidationDataFromCertValidationProvider.java:51)
... 5 more
Java Result: 1
BUILD SUCCESSFUL (total time: 17 seconds)
但是证书在这里很好:
D:\NetBeansProjects_MYSIGN\XadesTest\src\test\cert\my\LG.pfx
D:\NetBeansProjects_MYSIGN\XadesTest\src\test\cert\csrc.nist\test4.p12
所以...我不明白。有谁能够帮助我 ?
谢谢,
威廉。
最佳答案
您使用的测试仅依赖NIST的证书。
测试正在使用的CertificateValidationProvider(VerifierTestBase.validationProviderNist)启用了证书吊销检查。另外,请注意,它是使用CertStore创建的,该反映了csrc.nist文件夹的内容。这意味着csrc.nist文件夹必须包含CRL和其他中间证书,以便提供程序可以构建证书链并检查吊销状态。