You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pdfbox.apache.org by ti...@apache.org on 2020/03/31 12:36:15 UTC
svn commit: r1875932 -
/pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/cert/CertificateVerifier.java
Author: tilman
Date: Tue Mar 31 12:36:14 2020
New Revision: 1875932
URL: http://svn.apache.org/viewvc?rev=1875932&view=rev
Log:
PDFBOX-3017, PDFBOX-3888: recover from OCSP exception and improve output
Modified:
pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/cert/CertificateVerifier.java
Modified: pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/cert/CertificateVerifier.java
URL: http://svn.apache.org/viewvc/pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/cert/CertificateVerifier.java?rev=1875932&r1=1875931&r2=1875932&view=diff
==============================================================================
--- pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/cert/CertificateVerifier.java (original)
+++ pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/cert/CertificateVerifier.java Tue Mar 31 12:36:14 2020
@@ -201,10 +201,12 @@ public final class CertificateVerifier
{
verifyOCSP(ocspHelper, additionalCerts);
}
- catch (IOException ex)
+ catch (IOException | OCSPException ex)
{
- // happens with 021496.pdf because OCSP responder no longer exists
- LOG.warn("IOException trying OCSP, will try CRL", ex);
+ // IOException happens with 021496.pdf because OCSP responder no longer exists
+ // OCSPException happens with QV_RCA1_RCA3_CPCPS_V4_11.pdf
+ LOG.warn("Exception trying OCSP, will try CRL", ex);
+ LOG.warn("Certificate# to check: " + cert.getSerialNumber().toString(16));
CRLVerifier.verifyCertificateCRLs(cert, signDate, additionalCerts);
}
}