/** * Obtains the fingerprint of the certificate in the "ab:cd:ef:...:12" format. */ public static String getCertificateFingerprint(String certInput) throws Exception { X509Certificate cert = getCertificateFromPem(certInput); if (cert == null) { return null; } return digest(cert); }
protected void setCertificateFields(String cert, Certificate certificate) { try { DataUtils.getWritableFields(certificate).put("certFingerprint", SslCertificateUtils.getCertificateFingerprint(cert)); DataUtils.getWritableFields(certificate).put("expiresAt", SslCertificateUtils.getExpirationDate(cert)); DataUtils.getWritableFields(certificate).put("CN", SslCertificateUtils.getCN(cert)); DataUtils.getWritableFields(certificate).put("issuer", SslCertificateUtils.getIssuer(cert)); DataUtils.getWritableFields(certificate).put("issuedAt", SslCertificateUtils.getIssuedDate(cert)); DataUtils.getWritableFields(certificate).put("version", SslCertificateUtils.getVersion(cert)); DataUtils.getWritableFields(certificate).put("algorithm", SslCertificateUtils.getAlgorithm(cert)); DataUtils.getWritableFields(certificate).put("serialNumber", SslCertificateUtils.getSerialNumber(cert)); DataUtils.getWritableFields(certificate).put("keySize", SslCertificateUtils.getKeySize(cert)); DataUtils.getWritableFields(certificate).put("subjectAlternativeNames", SslCertificateUtils.getSubjectAlternativeNames(cert)); } catch (Exception e) { String className = e.getCause() != null ? e.getCause().getClass().getSimpleName() : e.getClass()
public static String getSerialNumber(String certInput) throws Exception { X509Certificate cert = getCertificateFromPem(certInput); return cert.getSerialNumber().toString(); }
protected String getOptions() { String cert = certDao.getPublicCA(); if (cert == null) { return ""; } try { String fingerprint = SslCertificateUtils.getCertificateFingerprint(cert); return "-e CA_FINGERPRINT=\"" + fingerprint.trim().toUpperCase() + "\" "; } catch (Exception e) { return ""; } }
public static String getExpirationDate(String certInput) throws Exception { X509Certificate cert = getCertificateFromPem(certInput); return cert.getNotAfter().toString(); }
public static String getIssuedDate(String certInput) throws Exception { X509Certificate cert = getCertificateFromPem(certInput); return cert.getNotBefore().toString(); }
public static String getIssuer(String certInput) throws Exception { X509Certificate cert = getCertificateFromPem(certInput); return cert.getIssuerX500Principal().getName(); }
public static Integer getKeySize(String certInput) throws Exception { X509Certificate cert = getCertificateFromPem(certInput); PublicKey key = cert.getPublicKey(); if (key instanceof RSAPublicKey) { RSAPublicKey keySpec = (RSAPublicKey) key; return keySpec.getModulus().bitLength(); } return null; }
public static String getAlgorithm(String certInput) throws Exception { X509Certificate cert = getCertificateFromPem(certInput); return cert.getSigAlgName(); }
public static List<?> getSubjectAlternativeNames(String certInput) throws Exception { X509Certificate cert = getCertificateFromPem(certInput); Collection<List<?>> names = cert.getSubjectAlternativeNames(); if (names == null) { return null; } List<String> altNames = new ArrayList<>(); Iterator<List<?>> it = names.iterator(); while (it.hasNext()) { List<?> obj = it.next(); // first value is type identifier (IP, DNS, etc), so adding second only altNames.add(obj.get(1).toString()); } return altNames; }
public static String getVersion(String certInput) throws Exception { X509Certificate cert = getCertificateFromPem(certInput); return String.valueOf(cert.getVersion()); }
public static String getCN(String certInput) throws Exception { X509Certificate cert = getCertificateFromPem(certInput); String dn = cert.getSubjectX500Principal().getName(); LdapName ln = new LdapName(dn); for (Rdn rdn : ln.getRdns()) { if (rdn.getType().equalsIgnoreCase("CN")) { return rdn.getValue().toString(); } } return null; }