// Check Validity
try {
certificate.checkValidity();
} catch (Exception e) {
String msg = intres.getLocalizedMessage("authentication.certexpired", CertTools.getNotAfter(certificate).toString());
throw new AuthenticationFailedException(msg);
}
if (requireAdminCertificateInDatabase) {
// TODO: Verify Signature on cert? Not really needed since it's one of ou certs in the database.
// Check if certificate is revoked.
boolean isRevoked = isRevoked(CertTools.getIssuerDN(certificate),CertTools.getSerialNumber(certificate));
if (isRevoked) {
// Certificate revoked or missing in the database
String msg = intres.getLocalizedMessage("authentication.revokedormissing");
throw new AuthenticationFailedException(msg);
}
} else {
// TODO: We should check the certificate for CRL or OCSP tags and verify the certificate status
}
}