 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
Java Forum / Security / January 2004How to read SSL certificate information?
I have several web servers with SSL certificates installed. My plan is to write a java program which will grab the certs via ftp, then read (parse) the certificate information. Ultimately what I want is the expiration date. I found an example of printing a cert (listed below), but get unresolved symbol errors when compiling. I thought I needed the Java Cryptography Extension (JCE), so I downloaded and installed that, but still get the error. What do I need to do in order to parse a Verisign certificate, in either .cer or .crt format? -Thanks import java.security.cert.*; import java.io.*; public class PrintCert { public static void main(String args[]) { try { FileInputStream fr = new FileInputStream("sdo.cer"); X509Certificate c = X509Certificate.getInstance(fr); System.out.println("Read in the following certificate:"); System.out.println("\tCertificate for: " + c.getSubjectDN()); System.out.println("\tCertificate issued by: " + c.getIssuerDN()); System.out.println("\tThe certificate is valid from " + c.getNotBefore() + " to " + c.getNotAfter()); System.out.println("\tCertificate SN# " + c.getSerialNumber()); System.out.println("\tGenerated with " + c.getSigAlgName()); } catch (Exception e) { e.printStackTrace(); } } > [quoted text muted] You need to use a CertificateFactory to get a valid X509Certificate from a stream: FileInputStream inStream = new FileInputStream("yourinputcertfile"); CertificateFactory cf = CertificateFactory.getInstance("X.509"); X509Certificate cert = (X509Certificate)cf.generateCertificate(inStream); See: http://java.sun.com/j2se/1.4.2/docs/api/java/security/cert/X509Certificate.html - Mitch Gallant MVP Security http://pages.istar.ca/~neutron > I have several web servers with SSL certificates installed. > My plan is to write a java program which will grab the certs [quoted text clipped - 28 lines] > } > > [quoted text muted] somebody <some@body.com> said: >I have several web servers with SSL certificates installed. >My plan is to write a java program which will grab the certs [quoted text clipped - 5 lines] >that, but still get the error. What do I need to do in order >to parse a Verisign certificate, in either .cer or .crt format? While I don't have a direct solution for you in Java, there is an alternative you might be interested in. I had a similar problem, which I solved by connecting to the sites in question using https, and reading off the certificate expiration date that was included in the certificate sent by the server during the https protocol handshake.  SignatureWolf a.k.a. Juha Laiho Espoo, Finland (GC 3.0) GIT d- s+: a C++ ULSH++++$ P++@ L+++ E- W+$@ N++ !K w !O !M V PS(+) PE Y+ PGP(+) t- 5 !X R !tv b+ !DI D G e+ h---- r+++ y++++ "...cancel my subscription to the resurrection!" (Jim Morrison) Free MagazinesGet these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...
|
Reply to this Message
|
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.