SSL Certificate Verification in Java

陌清茗 2020-12-08 16:08

Say I have two Java apps that I wrote: Ping.jar and Pong.jar and they get deployed and run on two separate servers (Ping.jar deploys t

4 answers
  •  不知归路
    2020-12-08 16:37

    AFAIK certificate verification should consist of the following steps:

    1. Formal verification of the certificate by verifying its signature, its validity in terms of the current time, and its validity in terms of the domain that is using the given certificate. These things can be checked without any additional network communication.
    2. Checking that the certificate was not revoked - this is what is missing in the answer given by @Bruno (otherwise I agree with him). I think this check can only be done after getting a fresh CRL (certificate revocation list) from the CA that signed the certificate (network communication with CA).
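
The two steps listed in the answer above, as an added Java example that is not part of the original question or answers: step 1 runs PKIX path validation with revocation switched off (no network), step 2 repeats it with a CRL-only, hard-fail revocation checker. It assumes the Sun/OpenJDK PKIX provider (the `com.sun.security.enableCRLDP` property), caller-supplied file paths and host name, and a hypothetical class `CertCheck` whose helper `matchesDnsName` is a simplified name check (exact dNSName match, no wildcards).

```java
import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.cert.*;
import java.util.*;

// Usage: java CertCheck chain.pem truststore.p12 storepass expected.host.name
public class CertCheck {
    public static void main(String[] args) throws Exception {
        // Sun/OpenJDK PKIX provider: allow CRL download via the CRL Distribution Points extension.
        System.setProperty("com.sun.security.enableCRLDP", "true");
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        List<X509Certificate> chain = new ArrayList<>();
        try (FileInputStream in = new FileInputStream(args[0])) {   // PEM file, leaf certificate first
            for (Certificate c : cf.generateCertificates(in)) chain.add((X509Certificate) c);
        }
        KeyStore trust = KeyStore.getInstance("PKCS12");            // holds the trusted CA certificates
        try (FileInputStream in = new FileInputStream(args[1])) {
            trust.load(in, args[2].toCharArray());
        }
        CertPath path = cf.generateCertPath(chain);
        CertPathValidator cpv = CertPathValidator.getInstance("PKIX");

        // Step 1 (offline): signatures up to a trust anchor and validity period at the current time...
        PKIXParameters offline = new PKIXParameters(trust);
        offline.setRevocationEnabled(false);
        cpv.validate(path, offline);          // throws CertPathValidatorException on failure
        // ...and the domain the certificate is used for.
        if (!matchesDnsName(chain.get(0), args[3]))
            throw new CertificateException("certificate not issued for " + args[3]);

        // Step 2 (network): revocation via CRLs only; fail if no CRL can be obtained.
        PKIXRevocationChecker rc = (PKIXRevocationChecker) cpv.getRevocationChecker();
        rc.setOptions(EnumSet.of(PKIXRevocationChecker.Option.PREFER_CRLS,
                                 PKIXRevocationChecker.Option.NO_FALLBACK));
        PKIXParameters online = new PKIXParameters(trust);
        online.addCertPathChecker(rc);
        cpv.validate(path, online);
        System.out.println("valid and not revoked: " + chain.get(0).getSubjectX500Principal());
    }

    // Simplified: exact, case-insensitive match on dNSName SAN entries (type 2); no wildcards.
    static boolean matchesDnsName(X509Certificate cert, String host) throws CertificateParsingException {
        Collection<List<?>> sans = cert.getSubjectAlternativeNames();
        if (sans == null) return false;
        for (List<?> san : sans)
            if (Integer.valueOf(2).equals(san.get(0)) && host.equalsIgnoreCase((String) san.get(1)))
                return true;
        return false;
    }
}
```

Without `SOFT_FAIL` in the options, an unreachable CRL distribution point makes step 2 fail rather than pass silently.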
