Code example for X509Certificate

Methods: getIssuerX500Principal

	public boolean verify(X509CRL crl, X509Certificate signCert, X509Certificate issuerCert, Date signDate) throws GeneralSecurityException {
		if (crl == null || signDate == null)
			return false; 
		// We only check CRLs valid on the signing date for which the issuer matches 
		if (crl.getIssuerX500Principal().equals(signCert.getIssuerX500Principal())
			&& signDate.after(crl.getThisUpdate()) && signDate.before(crl.getNextUpdate())) {
			// the signing certificate may not be revoked 
			if (isSignatureValid(crl, issuerCert) && crl.isRevoked(signCert)) {
				throw new VerificationException(signCert, "The certificate has been revoked.");
			return true; 
		return false; 
	 * Fetches a CRL for a specific certificate online (without further checking). 
	 * @param signCert	the certificate 
	 * @param issuerCert	its issuer