List of usage examples for java.security.cert X509Certificate getSubjectDN
public abstract Principal getSubjectDN();
From source file:gov.va.med.imaging.proxy.ssl.AuthSSLX509TrustManager.java
/** * @see javax.net.ssl.X509TrustManager#checkServerTrusted(X509Certificate[],String authType) *///w w w . j a v a 2 s . c o m public void checkServerTrusted(X509Certificate[] certificates, String authType) throws CertificateException { if (LOG.isInfoEnabled() && certificates != null) { for (int c = 0; c < certificates.length; c++) { X509Certificate cert = certificates[c]; LOG.debug(" Server certificate " + (c + 1) + ":"); LOG.debug(" Subject DN: " + cert.getSubjectDN()); LOG.debug(" Signature Algorithm: " + cert.getSigAlgName()); LOG.debug(" Valid from: " + cert.getNotBefore()); LOG.debug(" Valid until: " + cert.getNotAfter()); LOG.debug(" Issuer: " + cert.getIssuerDN()); } } defaultTrustManager.checkServerTrusted(certificates, authType); }
From source file:org.openhealthtools.openatna.net.LoggedX509TrustManager.java
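/**
 * Logs the presented client certificate chain at info level, then delegates the trust
 * decision to the wrapped default trust manager, logging and rethrowing any rejection.
 *
 * @param certificates the chain presented by the peer; logging is skipped when this is null
 * @param authType passed through unchanged to the delegate and included in the error log
 * @throws CertificateException if the delegate does not trust the chain
 * @see javax.net.ssl.X509TrustManager#checkClientTrusted(X509Certificate[], String)
 */
public void checkClientTrusted(X509Certificate[] certificates, String authType)
        throws CertificateException {
    if (log.isInfoEnabled() && certificates != null) {
        // One builder, one log call: the whole chain stays together in the log output.
        StringBuilder s = new StringBuilder("\n========== checking client certificate chain ==========");
        for (int c = 0; c < certificates.length; c++) {
            X509Certificate cert = certificates[c];
            // These values are taken from the peer's certificate before it has been
            // validated; treat them as untrusted text wherever the log is consumed.
            // getSubjectDN()/getIssuerDN() are deprecated in current JDKs in favour of
            // getSubjectX500Principal()/getIssuerX500Principal().
            s.append("\n Client certificate ").append(c + 1).append(":");
            s.append("\n Subject DN: ").append(cert.getSubjectDN());
            s.append("\n Signature Algorithm: ").append(cert.getSigAlgName());
            s.append("\n Valid from: ").append(cert.getNotBefore());
            s.append("\n Valid until: ").append(cert.getNotAfter());
            s.append("\n Issuer: ").append(cert.getIssuerDN());
        }
        s.append("\n=======================================================");
        log.info(s.toString());
    }

    // The delegate throws a CertificateException when the chain is not trusted.
    try {
        this.defaultTrustManager.checkClientTrusted(certificates, authType);
    } catch (CertificateException e) {
        // Fix: the original escaped the quotes around authType, so the literal text
        // "+ authType +" was logged instead of the actual value.
        log.error("Something wrong with the client certificate (auth type: " + authType + ")", e);
        throw e;
    }
}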
From source file:org.globus.gsi.trustmanager.TrustedCertPathFinder.java
/**
 * Checks one link of a certificate path: that {@code issuerCertificate} is named as the
 * issuer of {@code x509Certificate} and that its public key verifies the signature.
 *
 * <p>Only name chaining and the signature are checked here. Validity period, CA
 * constraints and revocation are not examined in this method.
 *
 * @param trustedCertPath path being built; {@code x509Certificate} is appended on success
 * @param x509Certificate the certificate whose issuer link is being checked
 * @param issuerCertificate candidate issuer; cast to {@link X509Certificate} without a type check
 * @return the issuer certificate, typed as {@link X509Certificate}
 * @throws CertPathValidatorException if signature verification fails for any reason
 * @throws IllegalArgumentException if the issuer name does not match the candidate's subject
 */
private static X509Certificate checkCertificate(List<X509Certificate> trustedCertPath,
        X509Certificate x509Certificate, Certificate issuerCertificate)
        throws CertPathValidatorException {
    X509Certificate issuer = (X509Certificate) issuerCertificate;

    // Name chaining: both names are normalized to the Globus DN format before comparing.
    String expectedIssuerId = CertificateUtil.toGlobusID(x509Certificate.getIssuerX500Principal());
    String candidateSubjectId = CertificateUtil.toGlobusID(issuer.getSubjectX500Principal());
    boolean namesChain = expectedIssuerId.equals(candidateSubjectId);
    if (!namesChain) {
        throw new IllegalArgumentException("Incorrect certificate path, certificate in chain can only "
                + "be issuer of previous certificate");
    }

    // Signature integrity: a matching name proves nothing unless the issuer's key verifies it.
    PublicKey issuerKey = issuer.getPublicKey();
    try {
        x509Certificate.verify(issuerKey);
    } catch (CertificateException | NoSuchAlgorithmException | InvalidKeyException
            | NoSuchProviderException | SignatureException e) {
        // Every verification failure is reported the same way, with the cause preserved.
        throw new CertPathValidatorException(
                "Signature validation on the certificate " + x509Certificate.getSubjectDN(), e);
    }

    trustedCertPath.add(x509Certificate);
    return issuer;
}
From source file:psiprobe.controllers.truststore.TrustStoreController.java
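/**
 * Builds the model for the trust store view: one map per X.509 certificate found in the
 * JVM trust store named by the {@code javax.net.ssl.trustStore*} system properties.
 *
 * <p>Each map holds {@code alias}, {@code cn} and {@code expirationDate}. Despite its key,
 * {@code cn} carries the full subject DN string, not just the common name. Any failure
 * while reading the store is logged and whatever was collected so far is still returned.
 *
 * @param request the current request (not read here)
 * @param response the current response (not written here)
 * @return the configured view with the list under the {@code certificates} model key
 * @throws Exception declared by the overridden method
 */
@Override
protected ModelAndView handleRequestInternal(HttpServletRequest request,
        HttpServletResponse response) throws Exception {

    List<Map<String, String>> certificateList = new ArrayList<>();
    try {
        String trustStoreType = System.getProperty("javax.net.ssl.trustStoreType");
        KeyStore ks;
        if (trustStoreType != null) {
            ks = KeyStore.getInstance(trustStoreType);
        } else {
            ks = KeyStore.getInstance("JKS");
        }
        String trustStore = System.getProperty("javax.net.ssl.trustStore");
        String trustStorePassword = System.getProperty("javax.net.ssl.trustStorePassword");
        if (trustStore != null) {
            try (FileInputStream fis = new FileInputStream(trustStore)) {
                // With a null password the store loads without an integrity check.
                ks.load(fis, trustStorePassword != null ? trustStorePassword.toCharArray() : null);
            }
            // Kept local to this call: SimpleDateFormat is not safe to share across threads.
            SimpleDateFormat expirationFormat = new SimpleDateFormat("yyyy-MM-dd");
            for (String alias : Collections.list(ks.aliases())) {
                // Look the entry up once. getCertificate() returns null for an alias with no
                // certificate; the original dereferenced it, and the resulting exception
                // ended the listing early via the catch below.
                java.security.cert.Certificate entry = ks.getCertificate(alias);
                if (!(entry instanceof X509Certificate)) {
                    continue;
                }
                X509Certificate cert = (X509Certificate) entry;
                Map<String, String> attributes = new HashMap<>();
                attributes.put("alias", alias);
                // getSubjectDN() is deprecated in current JDKs in favour of
                // getSubjectX500Principal(). The value is certificate-supplied text, so the
                // view must escape it on output.
                attributes.put("cn", cert.getSubjectDN().toString());
                attributes.put("expirationDate", expirationFormat.format(cert.getNotAfter()));
                certificateList.add(attributes);
            }
        }
    } catch (Exception e) {
        logger.error("There was an exception obtaining truststore: ", e);
    }
    ModelAndView mv = new ModelAndView(getViewName());
    mv.addObject("certificates", certificateList);
    return mv;
}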
From source file:bobs.mcapisignature.UtilsTest.java
/**
 * Exercises both {@code CertUtils.findCertBySubject} overloads with the subject "Ivan" and
 * prints the subject DN of each result.
 *
 * <p>NOTE(review): the test makes no assertions (the original {@code assertNotNull} on the
 * first lookup is commented out), so it only fails if one of the calls throws.
 */
@Test
public void testFindCertBySubject() throws CertificateException {
    System.out.println("Find Cert By Subject");

    Structures.CERT_CONTEXT firstContext = CertUtils.findCertBySubject("Ivan");
    X509Certificate firstCert = CertUtils.getX509Certificate(firstContext);
    System.out.println(firstCert.getSubjectDN().toString());

    // Second overload takes the previous context; presumably it continues the search
    // after that entry. Confirm against CertUtils.
    Structures.CERT_CONTEXT followingContext = CertUtils.findCertBySubject("Ivan", firstContext);
    X509Certificate followingCert = CertUtils.getX509Certificate(followingContext);
    System.out.println(followingCert.getSubjectDN().toString());
}
From source file:org.acegisecurity.providers.x509.cache.EhCacheBasedX509UserCache.java
/**
 * Stores {@code user} in the cache under the certificate object itself as the key.
 *
 * @param userCert the certificate used as the cache key
 * @param user the user details cached for that certificate
 */
public void putUserInCache(X509Certificate userCert, UserDetails user) {
    if (logger.isDebugEnabled()) {
        // Only the subject DN is logged. getSubjectDN() is deprecated in current JDKs in
        // favour of getSubjectX500Principal().
        logger.debug("Cache put: " + userCert.getSubjectDN());
    }
    cache.put(new Element(userCert, user));
}
From source file:org.openhealthtools.openatna.net.LoggedX509TrustManager.java
/**
 * Logs the presented server certificate chain at info level, then delegates the trust
 * decision to the wrapped default trust manager, logging and rethrowing any rejection.
 *
 * @param certificates the chain presented by the peer; logging is skipped when this is null
 * @param authType passed through unchanged to the delegate and included in the error log
 * @throws CertificateException if the delegate does not trust the chain
 * @see javax.net.ssl.X509TrustManager#checkServerTrusted(X509Certificate[], String)
 */
public void checkServerTrusted(X509Certificate[] certificates, String authType)
        throws CertificateException {
    if (log.isInfoEnabled() && certificates != null) {
        StringBuilder chainDump = new StringBuilder("Server Certificate Chain: \n");
        int position = 0;
        for (X509Certificate cert : certificates) {
            position++;
            // Peer-supplied values, logged before the chain has been validated.
            chainDump.append("\n Server certificate ").append(position).append(":")
                    .append("\n Subject DN: ").append(cert.getSubjectDN())
                    .append("\n Signature Algorithm: ").append(cert.getSigAlgName())
                    .append("\n Valid from: ").append(cert.getNotBefore())
                    .append("\n Valid until: ").append(cert.getNotAfter())
                    .append("\n Issuer: ").append(cert.getIssuerDN());
        }
        log.info(chainDump.toString());
    }

    // The delegate signals an untrusted chain by throwing CertificateException.
    try {
        this.defaultTrustManager.checkServerTrusted(certificates, authType);
    } catch (CertificateException rejected) {
        log.error("Something wrong with the server certificate: (auth type: " + authType + ")", rejected);
        throw rejected;
    }
}
From source file:bobs.mcapisignature.UtilsTest.java
/**
 * Calls {@code CertUtils.selectCert()}, converts the result to an {@link X509Certificate}
 * and prints its subject DN.
 *
 * <p>NOTE(review): a {@code SelectCertificateExceprion} is logged at SEVERE and swallowed,
 * and nothing is asserted, so the test passes whether or not a certificate was selected.
 */
@Test
public void testSelectCert() throws CertificateException {
    System.out.println("SelectCert");
    try {
        Structures.CERT_CONTEXT chosenContext = CertUtils.selectCert();
        X509Certificate chosenCert = CertUtils.getX509Certificate(chosenContext);
        System.out.println(chosenCert.getSubjectDN().toString());
    } catch (SelectCertificateExceprion ex) {
        Logger.getLogger(UtilsTest.class.getName()).log(Level.SEVERE, null, ex);
    }
}
From source file:com.thoughtworks.go.security.SelfSignedCertificateX509TrustManager.java
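/**
 * Writes each certificate of the presented client chain to the debug log, then hands the
 * trust decision to the wrapped default trust manager.
 *
 * <p>This method performs no validation of its own: the only thing that can reject the
 * chain is the call to {@code defaultTrustManager.checkClientTrusted} on the last line.
 *
 * @param certificates the chain presented by the peer; logging is skipped when this is null
 * @param authType passed through unchanged to the delegate
 * @throws CertificateException if the delegate does not trust the chain
 * @see javax.net.ssl.X509TrustManager#checkClientTrusted(X509Certificate[], String)
 */
public void checkClientTrusted(X509Certificate[] certificates, String authType)
        throws CertificateException {
    if (LOG.isDebugEnabled() && certificates != null) {
        for (int c = 0; c < certificates.length; c++) {
            X509Certificate cert = certificates[c];
            // Fix: the guard tests the debug level but the original wrote at info. Writing
            // at debug matches the guard and never emits more than before.
            // The values are peer-supplied and logged before the chain is validated.
            // getSubjectDN()/getIssuerDN() are deprecated in current JDKs in favour of
            // getSubjectX500Principal()/getIssuerX500Principal().
            LOG.debug(" Client certificate " + (c + 1) + ":");
            LOG.debug(" Subject DN: " + cert.getSubjectDN());
            LOG.debug(" Signature Algorithm: " + cert.getSigAlgName());
            LOG.debug(" Valid from: " + cert.getNotBefore());
            LOG.debug(" Valid until: " + cert.getNotAfter());
            LOG.debug(" Issuer: " + cert.getIssuerDN());
        }
    }
    defaultTrustManager.checkClientTrusted(certificates, authType);
}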
From source file:org.globus.gsi.stores.ResourceSigningPolicyStoreTest.java
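/**
 * Reads a single X.509 certificate from a file and logs its subject, issuer, validity
 * window, serial number and signature algorithm.
 *
 * <p>The certificate is only parsed here; nothing checks its signature or validity.
 *
 * @param certPath path of the certificate file to read
 * @return the parsed certificate, or {@code null} if reading or parsing failed (the
 *     exception's stack trace is printed in that case)
 */
private X509Certificate readCertificate(String certPath) {
    // try-with-resources closes the stream on every path; the original never closed it.
    try (FileInputStream fr = new FileInputStream(certPath)) {
        CertificateFactory cf = CertificateFactory.getInstance("X509");
        X509Certificate crt = (X509Certificate) cf.generateCertificate(fr);
        logger.info("Read certificate:");
        // getSubjectDN()/getIssuerDN() are deprecated in current JDKs in favour of
        // getSubjectX500Principal()/getIssuerX500Principal().
        logger.info("\tCertificate for: " + crt.getSubjectDN());
        logger.info("\tCertificate issued by: " + crt.getIssuerDN());
        logger.info("\tCertificate is valid from " + crt.getNotBefore() + " to " + crt.getNotAfter());
        logger.info("\tCertificate SN# " + crt.getSerialNumber());
        logger.info("\tGenerated with " + crt.getSigAlgName());
        return crt;
    } catch (Exception e) {
        // Best-effort test helper: report the failure and let the caller see null.
        e.printStackTrace();
    }
    return null;
}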