List of usage examples for java.security.cert X509Certificate getIssuerDN
public abstract Principal getIssuerDN();
From source file:org.sipfoundry.sipxconfig.admin.X509CertificateUtilsTest.java
public void testGetX509Certificate() { File sipxCert = new File(TestUtil.getTestSourceDirectory(this.getClass()), "sipx.crt"); X509Certificate cert = X509CertificateUtils.getX509Certificate(sipxCert.getAbsolutePath()); assertEquals(//from w w w . j a v a2 s . c om "EMAILADDRESS=root@localhost.localdomain, CN=ca.localhost.localdomain, OU=sipXecs, O=localdomain, L=AnyTown, ST=AnyState, C=US", cert.getIssuerDN().getName()); File equifaxCert = new File(TestUtil.getTestSourceDirectory(this.getClass()), "equifax.crt"); X509Certificate cert1 = X509CertificateUtils.getX509Certificate(equifaxCert.getAbsolutePath()); assertEquals("OU=Equifax Secure Certificate Authority, O=Equifax, C=US", cert1.getIssuerDN().getName()); }
From source file:org.cesecore.certificates.ocsp.CanLogCache.java
/** * Checks if a certificate is valid Does also print a WARN if the certificate is about to expire. * //w w w . j av a2 s . c o m * @param signerCert the certificate to be tested * @return true if the certificate is valid */ private static boolean isCertificateValid(X509Certificate signerCert) { try { signerCert.checkValidity(); } catch (CertificateExpiredException e) { log.error(intres.getLocalizedMessage("ocsp.errorcerthasexpired", signerCert.getSerialNumber(), signerCert.getIssuerDN())); return false; } catch (CertificateNotYetValidException e) { log.error(intres.getLocalizedMessage("ocsp.errornotyetvalid", signerCert.getSerialNumber(), signerCert.getIssuerDN())); return false; } final long warnBeforeExpirationTime = OcspConfiguration.getWarningBeforeExpirationTime(); if (warnBeforeExpirationTime < 1) { return true; } final Date warnDate = new Date(new Date().getTime() + warnBeforeExpirationTime); try { signerCert.checkValidity(warnDate); } catch (CertificateExpiredException e) { log.warn(intres.getLocalizedMessage("ocsp.warncertwillexpire", signerCert.getSerialNumber(), signerCert.getIssuerDN(), signerCert.getNotAfter())); } catch (CertificateNotYetValidException e) { throw new Error("This should never happen.", e); } if (!log.isDebugEnabled()) { return true; } log.debug("Time for \"certificate will soon expire\" not yet reached. You will be warned after: " + new Date(signerCert.getNotAfter().getTime() - warnBeforeExpirationTime)); return true; }
From source file:org.viafirma.nucleo.validacion.ValidadorHandler.java
/** * //from ww w.j a va2 s .c om * Comprueba si el protocolo utilizado es OCSP * * @param certificadoX509 * @return */ public boolean isOCSPProtocol(X509Certificate certificadoX509) { boolean isEDNI = certificadoX509.getIssuerDN().getName().contains(Constantes.EDNI_ISSUERDN); // Si es de tipo FNMT y..... boolean isFNMT = certificadoX509.getIssuerDN().getName().contains(Constantes.FNMT_ISSUERDN); // Comprobamos si no hay parametros de configuracin para FNMT LDAP. boolean hayFNMTViaOCSP = StringUtils.isEmpty(CRLUtil.getCurrentInstance().fnmtLDAPHostURL); if (isEDNI || (isFNMT && hayFNMTViaOCSP)) { return true; } return false; }
From source file:org.dataone.proto.trove.mn.http.client.DataHttpClientHandler.java
/** * Show details of an X509 certificate, printing the information to STDOUT. * * @param cert the certificate to be displayed *///from w ww .j a v a 2 s . c o m public void displayCertificate(X509Certificate cert) { if (cert == null) { return; } logger.debug("~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"); Principal issuerDN = cert.getIssuerDN(); logger.debug(" Issuer: " + issuerDN.toString()); Date notBefore = cert.getNotBefore(); DateFormat fmt = SimpleDateFormat.getDateTimeInstance(); logger.debug(" From: " + fmt.format(notBefore)); Date notAfter = cert.getNotAfter(); logger.debug(" To: " + fmt.format(notAfter)); Principal subjectDN = cert.getSubjectDN(); logger.debug("Subject: " + subjectDN.toString()); logger.debug("~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"); }
From source file:org.wso2.carbon.identity.application.common.util.IdentityApplicationManagementUtil.java
/** * @param cert//from w w w.j a v a2s.c om * @param formatter * @return * @throws CertificateEncodingException */ private static CertData fillCertData(X509Certificate cert, Format formatter) throws CertificateEncodingException { CertData certData = new CertData(); certData.setSubjectDN(cert.getSubjectDN().getName()); certData.setIssuerDN(cert.getIssuerDN().getName()); certData.setSerialNumber(cert.getSerialNumber()); certData.setVersion(cert.getVersion()); certData.setNotAfter(formatter.format(cert.getNotAfter())); certData.setNotBefore(formatter.format(cert.getNotBefore())); certData.setPublicKey(Base64.encode(cert.getPublicKey().getEncoded())); return certData; }
From source file:org.apache.directory.server.core.security.CoreKeyStoreSpi.java
@Override public String engineGetCertificateAlias(Certificate cert) { LOG.debug("engineGetCertificateAlias({}) called.", cert); if (cert instanceof X509Certificate) { LOG.debug("Certificate in alias request is X.509 based."); X509Certificate xcert = (X509Certificate) cert; if (xcert.getIssuerDN().toString().equals(TlsKeyGenerator.CERTIFICATE_PRINCIPAL_DN)) { return APACHEDS_ALIAS; }// w w w. jav a 2 s . c om } try { Entry entry = getTlsEntry(); if (ArrayUtils.isEquals(cert.getEncoded(), entry.get(TlsKeyGenerator.USER_CERTIFICATE_AT).getBytes())) { return APACHEDS_ALIAS; } } catch (Exception e) { LOG.error(I18n.err(I18n.ERR_66), e); } return null; }
From source file:org.apache.syncope.client.console.wicket.markup.html.form.preview.BinaryCertPreviewer.java
@Override public Component preview(final byte[] uploadedBytes) { Label commonNameLabel = new Label("certCommonName", new Model<>()); if (uploadedBytes.length == 0) { LOG.info("Enpty certificate"); return commonNameLabel; }//from w w w . j ava2s. co m try (ByteArrayInputStream certificateStream = new ByteArrayInputStream(uploadedBytes)) { X509Certificate certificate = (X509Certificate) CertificateFactory.getInstance("X.509") .generateCertificate(certificateStream); StringBuilder commonNameBuilder = new StringBuilder("cn="); LdapName ldapName = new LdapName(certificate.getIssuerDN().getName()); for (Rdn rdn : ldapName.getRdns()) { if ("CN".equalsIgnoreCase(rdn.getType())) { commonNameBuilder .append(rdn.getValue() == null ? StringUtils.EMPTY : rdn.getValue().toString()); } } commonNameLabel.setDefaultModelObject(commonNameBuilder.toString()); } catch (Exception e) { LOG.error("Error evaluating certificate file", e); commonNameLabel.setDefaultModelObject(getString(Constants.ERROR)); } return this.addOrReplace(commonNameLabel); }
From source file:org.apache.syncope.console.wicket.markup.html.form.preview.BinaryCertPreviewer.java
@Override public Component preview() { final Label commonNameLabel = new Label("certCommonName", new Model<String>()); final ByteArrayInputStream certificateStream = new ByteArrayInputStream(uploadedBytes); try {/* ww w. j a v a 2s . co m*/ final X509Certificate certificate = (X509Certificate) CertificateFactory.getInstance("X.509") .generateCertificate(certificateStream); final StringBuilder commonNameBuilder = new StringBuilder("cn="); final LdapName ldapName = new LdapName(certificate.getIssuerDN().getName()); for (Rdn rdn : ldapName.getRdns()) { if ("CN".equalsIgnoreCase(rdn.getType())) { commonNameBuilder .append(rdn.getValue() == null ? StringUtils.EMPTY : rdn.getValue().toString()); } } commonNameLabel.setDefaultModelObject(commonNameBuilder.toString()); } catch (Exception e) { LOG.error("Error evaluating certificate file", e); throw new IllegalArgumentException("Error evaluating certificate file", e); } finally { IOUtils.closeQuietly(certificateStream); } return this.add(commonNameLabel); }
From source file:org.globus.gsi.stores.ResourceSigningPolicyStoreTest.java
private X509Certificate readCertificate(String certPath) { try {//from w ww . j a v a 2 s . c o m FileInputStream fr = new FileInputStream(certPath); CertificateFactory cf = CertificateFactory.getInstance("X509"); X509Certificate crt = (X509Certificate) cf.generateCertificate(fr); logger.info("Read certificate:"); logger.info("\tCertificate for: " + crt.getSubjectDN()); logger.info("\tCertificate issued by: " + crt.getIssuerDN()); logger.info("\tCertificate is valid from " + crt.getNotBefore() + " to " + crt.getNotAfter()); logger.info("\tCertificate SN# " + crt.getSerialNumber()); logger.info("\tGenerated with " + crt.getSigAlgName()); return crt; } catch (Exception e) { e.printStackTrace(); } return null; }
From source file:net.solarnetwork.node.setup.web.NodeCertificatesController.java
/** * View the main certs page.//from w ww . java 2 s . com * * @param model * the view model * @return */ @RequestMapping public String home(Model model) { X509Certificate nodeCert = pkiService.getNodeCertificate(); final Date now = new Date(); final boolean expired = (nodeCert != null && now.after(nodeCert.getNotAfter())); final boolean valid = (nodeCert != null && (!nodeCert.getIssuerDN().equals(nodeCert.getSubjectDN()) && !now.before(nodeCert.getNotBefore()) && !expired)); model.addAttribute("nodeCert", nodeCert); model.addAttribute("nodeCertExpired", expired); model.addAttribute("nodeCertValid", valid); return "certs/home"; }