You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
will probably use the SUN provider for the `PKIX` certificate path validation algorithm.
224
-
This requires the `com.sun.security.enableCRLDP` system property set to `true` in order to verify the BLOB signature.
221
+
5. If you use the SUN provider for the `PKIX` certificate path validation algorithm, which many deployments do by default:
222
+
set the `com.sun.security.enableCRLDP` system property to `true`.
223
+
This is required for the SUN `PKIX` provider to support the CRL Distribution Points extension,
224
+
which is needed in order to verify the BLOB signature.
225
+
+
225
226
For example, this can be done on the JVM command line using a `-Dcom.sun.security.enableCRLDP=true` option.
226
-
See the https://docs.oracle.com/javase/9/security/java-pki-programmers-guide.htm#JSSEC-GUID-EB250086-0AC1-4D60-AE2A-FC7461374746[Java PKI Programmers Guide]
227
+
See the https://docs.oracle.com/javase/9/security/java-pki-programmers-guide.htm#GUID-EB250086-0AC1-4D60-AE2A-FC7461374746__SECTION-139-623E860E[Java PKI Programmers Guide]
227
228
for details.
229
+
+
230
+
This step may not be necessary if you use a different provider for the `PKIX` certificate path validation algorithm.
0 commit comments