in src/main/java/org/jetbrains/nativecerts/win32/Crypt32ExtUtil.java [40:79]
public static Collection<X509Certificate> getCustomTrustedRootCertificates() {
HashSet<X509Certificate> result = new HashSet<>();
for (Map.Entry<String, Integer> entry : customTrustedCertificatesLocations.entrySet()) {
List<X509Certificate> root = gatherEnterpriseCertsForLocation(entry.getValue(), "ROOT");
List<X509Certificate> intermediates = gatherEnterpriseCertsForLocation(entry.getValue(), "CA");
if (LOGGER.isLoggable(Level.FINE)) {
StringBuilder message = new StringBuilder();
message.append("Received ").append(root.size()).append(" certificates from store ROOT / ").append(entry.getKey());
for (X509Certificate certificate : root) {
message.append("\n ROOT/").append(entry.getKey()).append(": ").append(certificate.getSubjectX500Principal());
}
message.append("\nReceived ").append(intermediates.size()).append(" certificates from store CA (Intermediates) / ").append(entry.getKey());
for (X509Certificate certificate : intermediates) {
message.append("\n CA/").append(entry.getKey()).append(": ").append(certificate.getSubjectX500Principal());
}
LOGGER.fine(message.toString());
}
result.addAll(root);
for (X509Certificate intermediate : intermediates) {
try {
validateCertificate(intermediate.getEncoded());
result.add(intermediate);
} catch (Throwable t) {
LOGGER.log(
Level.FINE,
"Unable to validate whether certificate '" + intermediate.getSubjectX500Principal() + "' is trusted: " + t.getMessage(),
t);
}
}
}
return result;
}