How to verify one certificate with public key of another

I have two x509Certificates

X509Certificate a;
X509Certificate b;

I would like to verify the signature of b with public key of a, where a is the issuer of b.

What I have so far is:

 public static boolean verify(String algorithm, byte[] content, byte[] signature, X509Certificate certificate) {
  try {
     Signature s = Signature.getInstance(algorithm, PROVIDER);
     return s.verify(signature);
  } catch (NoSuchAlgorithmException | InvalidKeyException | SignatureException e) {
     throw new IllegalArgumentException(e);


and I invoke method:

 verify(a.getSigAlgName(), a.getSignature(), b.getSignature(), b);

But this returns always false???

Could you please, help me to understand what might be the reason above method vertify(..) to return always false.


X509Certificate has a method verify(Public key).


would like do decrypt contents of b with public key of a:

No you wouldn't. Certificates aren't encrypted.

What you're really trying to do here is verify a certificate, which is done via its public key, obtained either from the certificate itself or from a second source of the same public key.

Verifying it with the public key of a different certificate doesn't begin to make sense.

In any caseX509Certificate already contains a sufficient verify() method.

Need Your Help

How to save or storing the SKPayment transaction?

ios transactions save nsuserdefaults storekit

I would like to store the SKPayment transaction in the user defaults or on the device, and I also would like to store the transaction data on my server at a later date (not done yet) so that a user...