Java/Keystore Verify Signed certificate
问题 I'm working on a client-cert authentication between a embedded jetty server and a client. They both use keystore. The client certificate is signed by the server's certificate which is signed by a CA. Jetty use 2 method to authenticate a client certificate, javax.net.ssl.SSLEngine which seems to work and they also use the code above. List<X509Certificate> certList = Certificate chain sent by the client KeyStore truststore = server's truststore //No use of CRL/OSCP/CRLDP _crls = null;