[英]Get X509 Certificate expiry date from string data
I am trying to get expiry date of x509 certificate from xml file under tag 我正在尝试从标记下的xml文件获取x509证书的到期日期
<ds:X509Certificate> MBaAFI7JTi5oRslwv2B3MmERGbPKKUsSMFwGA1UdIARVMFMwUQYKKwYBBAEJFQEBADBDMEEGCCsG
AQUFBwIBFjVodHRwOi8vd3d3LmNpc2NvLmNvbS9zZWN1cml0eS9wa2kvcG9saWNpZXMvaW5kZXgu
aHRtbDATBgNVHSUEDDAKBggrBgEFBQcDATANBgkqhkiG9w0BAQUFAAOCAQEAs2DJZwgVLmZqQS2N
3Yp4iGYhZBG6vZSDaiaAg6u1wgrfq/byBd7H3Ei+V9I7MZ1aCh4s3kl6FJ1CoRhMQcM1gbxpCbPP
KAfrMv/5/MH8erMnole7m/MqVHETX1UbLEyagOioqK3cs8MzMKxC+Fdku6Bm+i/6xhUsc6XbrVJl
IHsVBB9+9ZnpjAjC9jj21r04N51cyfp6C37999TaybNEtCJlG0XTHfLbcyX65E9ndVaRd6GYu/d0
xW0MT5bKhA36KhpUROAbPS7rXKKkfCYnMkmImE7Hfvm3vRSahX+ehY1Tx9qJXFv3PYGzbyDbvpjV
2cSUgP/bhGATKSOZuhohrw== </ds:X509Certificate
> >
I have code that reads it to a string 我有将其读取为字符串的代码
NodeList nodelist = element.getElementsByTagName("ds:X509Certificate");
Element element1 = (Element) nodelist.item(0);
NodeList certificateItem = element1.getChildNodes();
String certificateValue = "---- BEGIN CERTIFICATE -------- " + "\n" +
"certificateItem.item(0).getNodeValue()" + "\n" + "--- END CERTIFICATE";
System.out.print("Certificate data is : " + certificateValue);
InputStream certinputstream = new ByteArrayInputStream(certificateValue.getBytes());
CertificateFactory cf = CertificateFactory.getInstance("X.509");
X509Certificate cert = (X509Certificate)cf.generateCertificate(certinputstream);
System.out.println("Expiry Date : " + cert.getNotAfter());
But I am getting the following error java.security.cert.CertificateParsingException: invalid DER-encoded certificate data at sun.security.x509.X509CertImpl.parse(Unknown Source) at sun.security.x509.X509CertImpl.(Unknown Source) Any ideas ? 但是我收到以下错误java.security.cert.CertificateParsingException:sun.security.x509.X509CertImpl.parse(未知源)处的DER编码证书数据无效(未知源)任何想法? Thanks
谢谢
It's not clear whether this is all that's wrong, but you're not using the precise format specified in the CertificateFactory
docs: 尚不清楚这是否是所有问题,但是您没有使用
CertificateFactory
文档中指定的精确格式:
If the certificate is provided in Base64 encoding, it must be bounded at the beginning by -----BEGIN CERTIFICATE-----, and must be bounded at the end by -----END CERTIFICATE-----.
如果证书是以Base64编码提供的,则必须以----- BEGIN CERTIFICATE -----开头,并且必须以----- END CERTIFICATE -----结尾。 。
You've got spaces around the text, the wrong number of dashes, and you don't have dashes after END CERTIFICATE
. 文本周围有空格,破折号错误,并且在
END CERTIFICATE
之后没有破折号。
You may also want to trim the node value as it currently has a couple of spaces after the data. 您可能还需要修剪节点值,因为它当前在数据之后有几个空格。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.