Example usage for javax.security.cert X509Certificate getNotAfter

List of usage examples for javax.security.cert X509Certificate getNotAfter

  1. HOME
  2. Java
  3. javax
  4. javax.security.cert.*
  5. X509Certificate
  6. getNotAfter

Introduction

In this page you can find the example usage for javax.security.cert X509Certificate getNotAfter.

Prototype

public abstract Date getNotAfter();

Source Link

Document

Gets the notAfter date from the validity period of the certificate.

Usage

From source file:org.bombusim.networking.NetworkSocketDataStream.java

public void setTLS() throws IOException {
    LimeLog.i("Socket", "Switching to secure socket layer", null);

    //TODO: check on different devices:
    // !!! ENSURE TLS enabled in account settings before test
    // 1. emulator/2.2 - SSLPeerUnverifiedException (jabber.ru, google.com) - bug in emulator v2.2
    // 2. cyanogen/2.3 - works (all hosts)
    // 3. emulator/ics - works
    // 4. Gratia/2.2 - works
    SSLSocketFactory sf =/*from ww  w .  j  a  va  2s.com*/
            //SSLCertificateSocketFactory.getDefault(20000, null);
            SSLCertificateSocketFactory.getInsecure(20000, null);

    //TODO: check on different devices:
    // 1. emulator/2.2 - works
    // 2. cyanogen/2.3 - works
    //KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); 
    //trustStore.load(null, null); 
    //SSLSocketFactory sf = new AndroidSSLSocketFactory(trustStore); 
    //sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); 

    final SSLSocket ssls = (SSLSocket) sf.createSocket(socket, host, port, true);

    ssls.addHandshakeCompletedListener(new HandshakeCompletedListener() {
        @Override
        public void handshakeCompleted(HandshakeCompletedEvent event) {
            X509Certificate[] certs;
            try {
                certs = ssls.getSession().getPeerCertificateChain();
            } catch (SSLPeerUnverifiedException e) {
                return;
            }

            StringBuilder so = new StringBuilder();

            for (X509Certificate cert : certs) {
                so.append("X509 Certificate:\n").append(" Subject:");
                appendPrincipal(so, cert.getSubjectDN());
                so.append("\n Issued by:");
                appendPrincipal(so, cert.getIssuerDN());
                so.append("\n Valid from:    ").append(DateFormat.getInstance().format(cert.getNotBefore()));
                so.append("\n Expired after: ").append(DateFormat.getInstance().format(cert.getNotAfter()));
                so.append("\n\n");
            }

            certificateInfo = so.toString();
            LimeLog.i("Socket", "Certificate chain verified", certificateInfo);
        }

        private void appendPrincipal(StringBuilder so, Principal p) {
            String name = p.getName();
            if (name == null) {
                so.append("<null>\n");
                return;
            }

            String elements[] = name.split(",");
            for (String e : elements) {
                so.append("\n   ").append(e);
            }

            so.append("\n");
        }
    });

    ssls.startHandshake();
    socket = ssls;

    istream = socket.getInputStream();
    ostream = socket.getOutputStream();

}

From source file:pl.psnc.synat.wrdz.zu.certificate.CertificateChecker.java

/**
 * Checks whether any active users' certificates are beyond the expiration threshold.
 *//*from   ww w. j  av  a 2 s  . c  o  m*/
@TransactionAttribute
public void checkCertificates() {

    List<UserAuthentication> auths = userAuthDao.findAll();

    Calendar cal = Calendar.getInstance();
    cal.add(Calendar.DATE, configuration.getCertificateCheckThreshold());
    Date cutoff = cal.getTime();

    for (UserAuthentication auth : auths) {
        if (auth.getActive() && auth.getCertificate() != null) {
            try {
                X509Certificate certificate = X509Certificate
                        .getInstance(Base64.decodeBase64(auth.getCertificate()));
                if (cutoff.after(certificate.getNotAfter())) {
                    notifyExpirationCheckFail(auth.getUser().getUsername());
                }
            } catch (CertificateException e) {
                logger.warn("Certificate could not be read", e);
            }
        }
    }
}