List of usage examples for java.security.cert X509Certificate getSubjectDN
public abstract Principal getSubjectDN();
From source file:net.jradius.radsec.SimpleTrustManager.java
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { for (X509Certificate c : chain) System.err.println("Checking Server: " + c.getSubjectDN()); trustManager.checkServerTrusted(chain, authType); }
From source file:info.guardianproject.onionkit.trust.StrongTrustManager.java
/** * Returns the identity of the remote server as defined in the specified * certificate. The identity is defined in the subjectDN of the certificate * and it can also be defined in the subjectAltName extension of type * "xmpp". When the extension is being used then the identity defined in the * extension in going to be returned. Otherwise, the value stored in the * subjectDN is returned.// ww w.j a v a 2 s. c o m * * @param x509Certificate the certificate the holds the identity of the * remote server. * @return the identity of the remote server as defined in the specified * certificate. */ public static Collection<String> getPeerIdentity(X509Certificate x509Certificate) { // Look the identity in the subjectAltName extension if available Collection<String> names = getSubjectAlternativeNames(x509Certificate); if (names.isEmpty()) { String name = x509Certificate.getSubjectDN().getName(); Matcher matcher = cnPattern.matcher(name); if (matcher.find()) { name = matcher.group(2); } // Create an array with the unique identity names = new ArrayList<String>(); names.add(name); } return names; }
From source file:net.jradius.radsec.SimpleTrustManager.java
public X509Certificate[] getAcceptedIssuers() { if (trustAll.booleanValue()) return new X509Certificate[0]; X509Certificate[] chain = trustManager.getAcceptedIssuers(); for (X509Certificate c : chain) System.err.println("Accepted Issuer: " + c.getSubjectDN()); return chain; }
From source file:org.apache.ftpserver.ssl.MinaClientAuthTest.java
public void testClientCertificates() throws Exception { FtpIoSession session = server.getListener("default").getActiveSessions().iterator().next(); assertEquals(1, session.getClientCertificates().length); X509Certificate cert = (X509Certificate) session.getClientCertificates()[0]; assertTrue(cert.getSubjectDN().toString().contains("FtpClient")); }
From source file:net.jradius.radsec.SimpleKeyManager.java
public X509Certificate[] getCertificateChain(String arg0) { X509Certificate[] certs = keyManager.getCertificateChain(arg0); for (X509Certificate cert : certs) System.err.println(arg0 + " cert: " + cert.getSubjectDN()); return certs; }
From source file:bobs.mcapisignature.SignatureTest.java
@Test public void testSignSelectCert() throws MCAPIException, CertificateException, SelectCertificateExceprion { System.out.println("SignSelectCert"); byte[] data = "test".getBytes(); Signature signature = new Signature(); String Sha1Hash = testCertHash; Structures.CERT_CONTEXT cert = CertUtils.selectCert(); X509Certificate x509Cert = CertUtils.getX509Certificate(cert); System.out.println(x509Cert.getSubjectDN().toString()); signature.setSignatureAlgorithm("SHA256withRSA"); signature.setCert(cert);//from w w w . ja v a 2 s . co m signature.sign(data); }
From source file:ua.pp.msk.cliqr.CliQrHostnameVerifier.java
@Override public final void verify(String host, X509Certificate cert) throws SSLException { Principal subjectDN = cert.getSubjectDN(); try {/*from w w w .j ava2s . c om*/ Collection<List<?>> subjectAlternativeNames = cert.getSubjectAlternativeNames(); if (subjectAlternativeNames != null) { subjectAlternativeNames.stream().map((subList) -> { logger.debug("Processing alternative"); return subList; }).map((subList) -> { StringBuilder sb = new StringBuilder(); subList.stream().forEach((o) -> { sb.append(o.toString()).append(", "); }); return sb; }).forEach((sb) -> { logger.debug(sb.toString()); }); } } catch (CertificateParsingException ex) { logger.info("It is useful to ignore such king of exceptions", ex); } logger.debug("Subject distiguished name: " + subjectDN.getName()); }
From source file:org.viafirma.nucleo.validacion.CrlCache.java
/** * Retorna las crls asociadas al certificado actual en caso de que existan y no esten caducadas. * //from w w w.j a v a 2 s.c om * @param certificadoX509 Certificado para el que deseamos recuperar las crls. * @return Listado de crls asociado, null si no hay crls vlidas asociadas. */ public List<X509CRL> getCrlsFrom(X509Certificate certificadoX509) { String name = certificadoX509.getSubjectDN().getName(); if (cacheCrlsForCertificate.containsKey(name)) { // Hay CRLs en la cache. comprobamos que su validez es correcta. List<X509CRL> listTemp = cacheCrlsForCertificate.get(name); if (listTemp.isEmpty()) { // No hay crls asociadas a este certificado. return null; } else { Date ahora = new Date(); // Comprobamos que todas las CRLS estan en fecha correcta for (X509CRL crl : listTemp) { Date nextUpdate = crl.getNextUpdate(); // Si la crl no informa de su proxima actualizacin requerida o la actualizacin ya es necesaria if (nextUpdate == null || nextUpdate.compareTo(ahora) < 0) { // Algunas de las crls asociadas a este certificado estan caducadas, // Las eliminamos de la cache para que se fuerce su recarga. cacheCrlsForCertificate.remove(name); return null; } } // OK. Existen Crls y no estan caducadas. return listTemp; } } else { return null; } }
From source file:org.viafirma.nucleo.validacion.CrlCache.java
/** * Aadimos una nueva crl a la cache./*from w ww . j a va2s. co m*/ * @param certificadoX509 * @param listCRLs */ public void addToCache(X509Certificate certificadoX509, List<X509CRL> listCRLs) { String name = certificadoX509.getSubjectDN().getName(); cacheCrlsForCertificate.put(name, listCRLs); }
From source file:ee.ria.xroad.common.conf.globalconf.IdentifierDecoderHelper.java
static ClientId getSubjectName(X509Certificate cert, IdentifierDecoderType decoder, String instanceIdentifier) throws Exception { String methodName = StringUtils.trim(decoder.getMethodName()); Method method;/*from w w w. ja v a 2 s .c o m*/ try { method = getMethodFromClassName(methodName, X509Certificate.class); } catch (ClassNotFoundException e) { throw new CodedException(X_INTERNAL_ERROR, "Could not find identifier decoder: '%s'", methodName); } catch (NoSuchMethodException e) { throw new CodedException(X_INTERNAL_ERROR, "Could not find identifier decoder method: '%s'", methodName); } catch (Exception e) { throw new CodedException(X_INTERNAL_ERROR, e); } Object result; try { result = method.invoke(null /* Static, no instance */, cert); } catch (Exception e) { Throwable t = e instanceof InvocationTargetException ? e.getCause() : e; log.error("Error during extraction of subject name from " + "certificate '" + cert.getSubjectDN() + "' using " + "identifier decoder '" + methodName + "'", t); throw new CodedException(X_INCORRECT_CERTIFICATE, t); } if (result == null) { throw new CodedException(X_INCORRECT_CERTIFICATE, "Could not get SubjectName from certificate " + cert.getSubjectDN()); } if (result instanceof String) { return ClientId.create(instanceIdentifier, decoder.getMemberClass(), (String) result); } else if (result instanceof String[]) { String[] parts = (String[]) result; if (parts.length == 2) { return ClientId.create(instanceIdentifier, parts[0], parts[1]); } } else if (result instanceof ClientId) { return (ClientId) result; } throw new CodedException(X_INTERNAL_ERROR, "Unexpected result from identifier decoder: " + result.getClass()); }