PKIXCertPathReviewer using provider with name "BC" instead of "BCFIPS" #2007

kamranattari4192 · 2025-03-02T20:26:36Z

Hi,

I am trying to use all BC Fips jars to make our product FIPS compliant. For certificate path validation, I try to use class org.bouncycastle.pkix.jcajce.PKIXCertPathReviewer from bcpkix-fips-2.0.7.jar. Its init method is throwing IllegalStateException: unable to rebuild certpath.
When I checked the source code of PKIXCertPathReviewer.java, I found it has following code:
try
{
CertificateFactory cf = CertificateFactory.getInstance("X.509", "BC");

            this.certPath = cf.generateCertPath(certs);
        }
        catch (GeneralSecurityException e)
        {
            throw new IllegalStateException("unable to rebuild certpath");
        }

I am confused why it provided "BC" as provider name to CertificateFactory.getInstance method instead of "BCFIPS". How can I use this class with "BCFIPS" provider?

The text was updated successfully, but these errors were encountered:

winfriedgerlach added the support request Community assistance requested label Mar 4, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

PKIXCertPathReviewer using provider with name "BC" instead of "BCFIPS" #2007

PKIXCertPathReviewer using provider with name "BC" instead of "BCFIPS" #2007

kamranattari4192 commented Mar 2, 2025 •

edited

Loading

PKIXCertPathReviewer using provider with name "BC" instead of "BCFIPS" #2007

PKIXCertPathReviewer using provider with name "BC" instead of "BCFIPS" #2007

Comments

kamranattari4192 commented Mar 2, 2025 • edited Loading

kamranattari4192 commented Mar 2, 2025 •

edited

Loading