Skip to main content


1 reply [Last post]
Joined: 2007-04-13

CertPathValidator.validate is throwing CertPathValidatorException, with getMessage="basic constraints check failed: this is not a CA certificate", with getCertPath showing two certificates, the first certificate being mine and the second certificate being the root CA that mine was derived from, and with getIndex=1. The suspect root CA is also present in the cacerts that is passed via "params". Question is, how can one tell whether a certificate is a root CA or not? No method of or X509Certificate appears to help. Thanks.

Reply viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
Joined: 2004-12-15

This is JAXP forum. You may want to post this to the other forum :)