List of usage examples for java.security.cert X509Certificate getNotBefore
public abstract Date getNotBefore();
From source file:com.zotoh.crypto.CryptoUte.java
/** * @param cert//w ww.j ava2 s . c o m * @return */ public static Tuple getCertDesc(Certificate cert) { tstArgIsType("cert", cert, X509Certificate.class); X509Certificate x509 = (X509Certificate) cert; X500Principal issuer = x509.getIssuerX500Principal(); X500Principal subj = x509.getSubjectX500Principal(); Date vs = x509.getNotBefore(); Date ve = x509.getNotAfter(); return new Tuple(subj, issuer, vs, ve); }
From source file:test.integ.be.fedict.trust.CodeSigningTest.java
@Test public void testEVZW() throws Exception { CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509"); InputStream fedictCertInputStream = CodeSigningTest.class.getResourceAsStream("/evzw/www.egreffe.be.crt"); X509Certificate fedictCert = (X509Certificate) certificateFactory .generateCertificate(fedictCertInputStream); LOG.debug("code signing not before: " + fedictCert.getNotBefore()); InputStream govCertInputStream = CodeSigningTest.class.getResourceAsStream("/gov-ca-2011.der"); X509Certificate govCert = (X509Certificate) certificateFactory.generateCertificate(govCertInputStream); InputStream rootCertInputStream = CodeSigningTest.class.getResourceAsStream("/root-ca2.der"); X509Certificate rootCert = (X509Certificate) certificateFactory.generateCertificate(rootCertInputStream); InputStream gsCertInputStream = CodeSigningTest.class .getResourceAsStream("/be/fedict/trust/roots/globalsign-be.crt"); X509Certificate gsCert = (X509Certificate) certificateFactory.generateCertificate(gsCertInputStream); List<X509Certificate> certChain = new LinkedList<>(); certChain.add(fedictCert);/* w ww.j av a 2s . c o m*/ certChain.add(govCert); certChain.add(rootCert); certChain.add(gsCert); MemoryCertificateRepository certificateRepository = new MemoryCertificateRepository(); certificateRepository.addTrustPoint(gsCert); TrustValidator trustValidator = new TrustValidator(certificateRepository); NetworkConfig networkConfig = new NetworkConfig("proxy.yourict.net", 8080); TrustValidatorDecorator trustValidatorDecorator = new TrustValidatorDecorator(networkConfig); trustValidatorDecorator.addDefaultTrustLinkerConfig(trustValidator, null, false); trustValidator.isTrusted(certChain); }
From source file:test.integ.be.fedict.trust.CodeSigningTest.java
@Test public void testValidation2011_2014() throws Exception { CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509"); InputStream fedictCertInputStream = CodeSigningTest.class.getResourceAsStream("/fedict-2011-2014.der"); X509Certificate fedictCert = (X509Certificate) certificateFactory .generateCertificate(fedictCertInputStream); LOG.debug("code signing not before: " + fedictCert.getNotBefore()); LOG.debug("code signing serial: " + fedictCert.getSerialNumber()); InputStream govCertInputStream = CodeSigningTest.class.getResourceAsStream("/gov-ca-2011.der"); X509Certificate govCert = (X509Certificate) certificateFactory.generateCertificate(govCertInputStream); InputStream rootCertInputStream = CodeSigningTest.class.getResourceAsStream("/root-ca2.der"); X509Certificate rootCert = (X509Certificate) certificateFactory.generateCertificate(rootCertInputStream); InputStream gsCertInputStream = CodeSigningTest.class .getResourceAsStream("/be/fedict/trust/roots/globalsign-be.crt"); X509Certificate gsCert = (X509Certificate) certificateFactory.generateCertificate(gsCertInputStream); List<X509Certificate> certChain = new LinkedList<>(); certChain.add(fedictCert);//from w w w . j a v a2 s.c om certChain.add(govCert); certChain.add(rootCert); certChain.add(gsCert); MemoryCertificateRepository certificateRepository = new MemoryCertificateRepository(); certificateRepository.addTrustPoint(gsCert); TrustValidator trustValidator = new TrustValidator(certificateRepository); NetworkConfig networkConfig = new NetworkConfig("proxy.yourict.net", 8080); TrustValidatorDecorator trustValidatorDecorator = new TrustValidatorDecorator(networkConfig); trustValidatorDecorator.addDefaultTrustLinkerConfig(trustValidator, null, true); trustValidator.isTrusted(certChain); }
From source file:test.integ.be.fedict.trust.CodeSigningTest.java
@Test public void testCertipostCodeSigning() throws Exception { CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509"); InputStream fedictCertInputStream = CodeSigningTest.class.getResourceAsStream("/FedICT-BE0367302178.cer"); X509Certificate fedictCert = (X509Certificate) certificateFactory .generateCertificate(fedictCertInputStream); LOG.debug("code signing not before: " + fedictCert.getNotBefore()); InputStream govCertInputStream = CodeSigningTest.class.getResourceAsStream("/NCA_WSOS.crt"); X509Certificate ca2Cert = (X509Certificate) certificateFactory.generateCertificate(govCertInputStream); InputStream rootCertInputStream = CodeSigningTest.class.getResourceAsStream("/NCA.crt"); X509Certificate rootCert = (X509Certificate) certificateFactory.generateCertificate(rootCertInputStream); InputStream gsCertInputStream = CodeSigningTest.class.getResourceAsStream("/GTE_ROOT.crt"); X509Certificate gsCert = (X509Certificate) certificateFactory.generateCertificate(gsCertInputStream); List<X509Certificate> certChain = new LinkedList<>(); certChain.add(fedictCert);//from w ww . ja va 2 s. c o m certChain.add(ca2Cert); certChain.add(rootCert); certChain.add(gsCert); MemoryCertificateRepository certificateRepository = new MemoryCertificateRepository(); certificateRepository.addTrustPoint(gsCert); TrustValidator trustValidator = new TrustValidator(certificateRepository); trustValidator.setAlgorithmPolicy(new AllowAllAlgorithmPolicy()); NetworkConfig networkConfig = new NetworkConfig("proxy.yourict.net", 8080); TrustValidatorDecorator trustValidatorDecorator = new TrustValidatorDecorator(networkConfig); trustValidatorDecorator.addDefaultTrustLinkerConfig(trustValidator, null, false); trustValidator.isTrusted(certChain); }
From source file:test.integ.be.fedict.trust.CodeSigningTest.java
@Test public void testValidation2010_2011() throws Exception { CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509"); InputStream fedictCertInputStream = CodeSigningTest.class.getResourceAsStream("/fedict-2010-2011.der"); X509Certificate fedictCert = (X509Certificate) certificateFactory .generateCertificate(fedictCertInputStream); LOG.debug("code signing not before: " + fedictCert.getNotBefore()); InputStream govCertInputStream = CodeSigningTest.class.getResourceAsStream("/gov-ca-2010.der"); X509Certificate govCert = (X509Certificate) certificateFactory.generateCertificate(govCertInputStream); InputStream rootCertInputStream = CodeSigningTest.class.getResourceAsStream("/root-ca2.der"); X509Certificate rootCert = (X509Certificate) certificateFactory.generateCertificate(rootCertInputStream); InputStream gsCertInputStream = CodeSigningTest.class .getResourceAsStream("/be/fedict/trust/roots/globalsign-be.crt"); X509Certificate gsCert = (X509Certificate) certificateFactory.generateCertificate(gsCertInputStream); List<X509Certificate> certChain = new LinkedList<>(); certChain.add(fedictCert);/*from ww w . j av a2s . c o m*/ certChain.add(govCert); certChain.add(rootCert); certChain.add(gsCert); MemoryCertificateRepository certificateRepository = new MemoryCertificateRepository(); certificateRepository.addTrustPoint(gsCert); TrustValidator trustValidator = new TrustValidator(certificateRepository); NetworkConfig networkConfig = new NetworkConfig("proxy.yourict.net", 8080); TrustValidatorDecorator trustValidatorDecorator = new TrustValidatorDecorator(networkConfig); trustValidatorDecorator.addDefaultTrustLinkerConfig(trustValidator, null, true); try { trustValidator.isTrusted(certChain); fail(); } catch (TrustLinkerResultException e) { // expected } }
From source file:au.edu.monash.merc.capture.util.httpclient.ssl.AuthSSLX509TrustManager.java
/** * @see javax.net.ssl.X509TrustManager#checkClientTrusted(X509Certificate[],String authType) *//*from w w w .ja v a2 s . c o m*/ public void checkClientTrusted(X509Certificate[] certificates, String authType) throws CertificateException { if (LOG.isInfoEnabled() && certificates != null) { for (int c = 0; c < certificates.length; c++) { X509Certificate cert = certificates[c]; LOG.info(" Client certificate " + (c + 1) + ":"); LOG.info(" Subject DN: " + cert.getSubjectDN()); LOG.info(" Signature Algorithm: " + cert.getSigAlgName()); LOG.info(" Valid from: " + cert.getNotBefore()); LOG.info(" Valid until: " + cert.getNotAfter()); LOG.info(" Issuer: " + cert.getIssuerDN()); } } defaultTrustManager.checkClientTrusted(certificates, authType); }
From source file:au.edu.monash.merc.capture.util.httpclient.ssl.AuthSSLX509TrustManager.java
/** * @see javax.net.ssl.X509TrustManager#checkServerTrusted(X509Certificate[],String authType) */// w w w .j a va 2s.c o m public void checkServerTrusted(X509Certificate[] certificates, String authType) throws CertificateException { if (LOG.isInfoEnabled() && certificates != null) { for (int c = 0; c < certificates.length; c++) { X509Certificate cert = certificates[c]; LOG.info(" Server certificate " + (c + 1) + ":"); LOG.info(" Subject DN: " + cert.getSubjectDN()); LOG.info(" Signature Algorithm: " + cert.getSigAlgName()); LOG.info(" Valid from: " + cert.getNotBefore()); LOG.info(" Valid until: " + cert.getNotAfter()); LOG.info(" Issuer: " + cert.getIssuerDN()); } } defaultTrustManager.checkServerTrusted(certificates, authType); }
From source file:org.openhealthtools.openatna.net.LoggedX509TrustManager.java
/** * @see javax.net.ssl.X509TrustManager#checkClientTrusted(X509Certificate[], String) */// ww w . j a v a2 s . c o m public void checkClientTrusted(X509Certificate[] certificates, String authType) throws CertificateException { if (log.isInfoEnabled() && certificates != null) { String s = "\n========== checking client certificate chain =========="; for (int c = 0; c < certificates.length; c++) { X509Certificate cert = certificates[c]; s += "\n Client certificate " + (c + 1) + ":"; s += "\n Subject DN: " + cert.getSubjectDN(); s += "\n Signature Algorithm: " + cert.getSigAlgName(); s += "\n Valid from: " + cert.getNotBefore(); s += "\n Valid until: " + cert.getNotAfter(); s += "\n Issuer: " + cert.getIssuerDN(); } s += "\n======================================================="; log.info(s); } // This will throw a CertificateException if it is not trusted. try { this.defaultTrustManager.checkClientTrusted(certificates, authType); } catch (CertificateException e) { log.error("Something wrong with the client certificate (auth type: \" + authType +\")", e); throw e; } }
From source file:org.openhealthtools.openatna.net.LoggedX509TrustManager.java
/** * @see javax.net.ssl.X509TrustManager#checkServerTrusted(X509Certificate[], String) *//*ww w . j ava 2 s .co m*/ public void checkServerTrusted(X509Certificate[] certificates, String authType) throws CertificateException { if (log.isInfoEnabled() && certificates != null) { String certificateChain = "Server Certificate Chain: \n"; for (int c = 0; c < certificates.length; c++) { X509Certificate cert = certificates[c]; certificateChain += "\n Server certificate " + (c + 1) + ":" + "\n Subject DN: " + cert.getSubjectDN() + "\n Signature Algorithm: " + cert.getSigAlgName() + "\n Valid from: " + cert.getNotBefore() + "\n Valid until: " + cert.getNotAfter() + "\n Issuer: " + cert.getIssuerDN(); } log.info(certificateChain); } // This will throw a CertificateException if it is not trusted. try { this.defaultTrustManager.checkServerTrusted(certificates, authType); } catch (CertificateException e) { log.error("Something wrong with the server certificate: (auth type: " + authType + ")", e); throw e; } }
From source file:com.ab.http.AuthSSLX509TrustManager.java
/*** * @see javax.net.ssl.X509TrustManager#checkClientTrusted(X509Certificate[],String * authType)/*from www .j ava 2 s. co m*/ */ public void checkClientTrusted(X509Certificate[] certificates, String authType) throws CertificateException { if (certificates != null) { for (int c = 0; c < certificates.length; c++) { X509Certificate cert = certificates[c]; Log.i(TAG, " Client certificate " + (c + 1) + ":"); Log.i(TAG, " Subject DN: " + cert.getSubjectDN()); Log.i(TAG, " Signature Algorithm: " + cert.getSigAlgName()); Log.i(TAG, " Valid from: " + cert.getNotBefore()); Log.i(TAG, " Valid until: " + cert.getNotAfter()); Log.i(TAG, " Issuer: " + cert.getIssuerDN()); } } defaultTrustManager.checkClientTrusted(certificates, authType); }