If the trust repository should contain only root CA certificates (which seems to be recommended from what I read), how can you restrict access to certain parties (and not to any side verified by the CA in the trust repository).
More details:
I have two java applications - lets call them A and B, which use SSL to protect messages. A and B have a client and server part for sending (client) and receiving (server) messages. The client uses the key stored in client.keystore, the server uses the key in server.keystore, and both use one trust store to authenticate another application (for example, application A has 3 key stores, application B has 3 key stores).
So far, I have used keytools to generate keys for the client and server, signed them (with my own test CA) and uploaded the signed certificates back to the keystore. I do this for applications A and B. To get SSL confirmation, I found that trust centers must contain a CA certificate used to sign other application keys (therefore, trust storage for application A must contain a CA certificate used to sign client and server application keys B and vice versa).
It still makes sense, but since the trust store contains a root CA certificate, I can generate another set of keys, sign them with the same CA and accept them with a different application - in other words, application B will accept rogue agents who appears as application A if it has keys signed by the root certification authority.
Does SSL have a mechanism to prevent this? I tried to import the public keys for the client and server of application A into the trust store of application B (and vice versa), but without the root certificate, SSL acknowledgment will not be completed.
source
share