Verifying certificate use

摘要

A method, system, and computer usable program product for verifying certificate use are provided in the illustrative embodiments. A secure data communication is directed to a certificate use verification application. A test certificate that may be stored in a data storage associated with a data processing system is presented to an originator of the secure data communication. The test certificate includes an identity, and the identity identifies an entity other than the intended party to the secure data communication as being the holder of the test certificate. A determination is made whether the originator responds to continue the secure data communication when presented with the test certificate. If the originator responds to continue the secure data communication, a report is made that the originator does not perform a verification of the identity from the test certificate.

主权项

1. A method for verifying certificate use, the method comprising:
transmitting by a certificate use verification application executing in conjunction with a proxy server, to a certificate using application, a message including a test certificate during a secure data communication, the test certificate being invalid with respect to a characteristic of the secure data communication; determining whether the certificate using application responds to continue the secure data communication by exchanging a session key for the secure data communication instead of an error after processing the message including the test certificate; establishing, responsive to the certificate using application responding to continue the secure data communication, that the certificate using application does not perform correct certificate use in a secure data communication; intercepting, by the certificate use verification application, a second message directed to the certificate using application; and performing, by the certificate use verification application, correct processing of a certificate associated with the second message.