/** * Retrieve the {@link ThumbprintAlgorithm#DEFAULT} thumbprint of a X.509 certificate. * * @param cert * certificate * @return the thumbprint corresponding to the certificate; {@code not-null} value * @throws IllegalStateException * if an error occur while getting the encoded form of the certificates * @throws IllegalArgumentException * if an error occur while getting the encoded form of the certificates */ public static String computeCertificateThumbprint(X509Certificate cert) { return computeCertificateThumbprint(cert, ThumbprintAlgorithm.DEFAULT); }
/** * Returns certificate thumbprint with no colon characters and lower-cased. */ public static String generatePureFingerPrint(X509Certificate certificate) { String thumbprint = computeCertificateThumbprint(certificate); return thumbprint.replaceAll(":", "").toLowerCase(); }
public static void populateCertificateProperties(SslTrustCertificateState state, X509Certificate cert) { state.documentExpirationTimeMicros = TimeUnit.MILLISECONDS .toMicros(cert.getNotAfter().getTime()); state.commonName = CertificateUtil.getCommonName(cert.getSubjectDN()); state.issuerName = CertificateUtil.getCommonName(cert.getIssuerDN()); state.serial = cert.getSerialNumber() == null ? null : cert.getSerialNumber() .toString(); state.fingerprint = CertificateUtil.computeCertificateThumbprint(cert); state.validSince = cert.getNotBefore().getTime(); state.validTo = cert.getNotAfter().getTime(); } }
public static void populateCertificateProperties(SslTrustCertificateState state, X509Certificate cert) { state.documentExpirationTimeMicros = TimeUnit.MILLISECONDS .toMicros(cert.getNotAfter().getTime()); state.commonName = CertificateUtil.getCommonName(cert.getSubjectDN()); state.issuerName = CertificateUtil.getCommonName(cert.getIssuerDN()); state.serial = cert.getSerialNumber() == null ? null : cert.getSerialNumber() .toString(); state.fingerprint = CertificateUtil.computeCertificateThumbprint(cert); state.validSince = cert.getNotBefore().getTime(); state.validTo = cert.getNotAfter().getTime(); } }
/** * Extracts {@link X509Certificate} properties from the given {@code cert} * * @param cert * the x509 certificate * @return x509 certificate related properties as map */ public static Map<String, String> getCertificateInfoProperties(X509Certificate cert) { Map<String, String> certificateInfo = new HashMap<>(); certificateInfo.put(COMMON_NAME_KEY, CertificateUtil.getCommonName(cert.getSubjectDN())); certificateInfo.put(ISSUER_NAME_KEY, CertificateUtil.getCommonName(cert.getIssuerDN())); certificateInfo.put(SERIAL_KEY, getSerialNumber(cert)); certificateInfo.put(FINGERPRINT_KEY, CertificateUtil.computeCertificateThumbprint(cert)); certificateInfo.put(VALID_SINCE_KEY, Long.toString(cert.getNotBefore().getTime())); certificateInfo.put(VALID_TO_KEY, Long.toString(cert.getNotAfter().getTime())); return certificateInfo; }
private void validateCertProperties(SslTrustCertificateState state) throws Exception { assertEquals(HTTPS_HOST_COM, state.origin); X509Certificate[] certificates = CertificateUtil.createCertificateChain(state.certificate); for (X509Certificate cert : certificates) { cert.checkValidity(); assertEquals(cert.getNotAfter(), new Date(TimeUnit.MICROSECONDS .toMillis(state.documentExpirationTimeMicros))); assertEquals(CertificateUtil.getCommonName(cert.getSubjectDN()), state.commonName); assertEquals(CertificateUtil.getCommonName(cert.getIssuerDN()), state.issuerName); assertEquals(cert.getSerialNumber().toString(), state.serial); assertEquals(CertificateUtil.computeCertificateThumbprint(cert), state.fingerprint); assertEquals(cert.getNotBefore().getTime(), state.validSince); assertEquals(cert.getNotAfter().getTime(), state.validTo); } } }