Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.lang.java.programmer > #21474 > unrolled thread
| Started by | Roedy Green <see_website@mindprod.com.invalid> |
|---|---|
| First post | 2013-01-17 05:09 -0800 |
| Last post | 2013-01-17 19:43 -0500 |
| Articles | 2 — 2 participants |
Back to article view | Back to comp.lang.java.programmer
probing SSL websites Roedy Green <see_website@mindprod.com.invalid> - 2013-01-17 05:09 -0800
Re: probing SSL websites Arne Vajhøj <arne@vajhoej.dk> - 2013-01-17 19:43 -0500
| From | Roedy Green <see_website@mindprod.com.invalid> |
|---|---|
| Date | 2013-01-17 05:09 -0800 |
| Subject | probing SSL websites |
| Message-ID | <9qtff89ct78dqno741okc8bad7267487v8@4ax.com> |
Is there an easy way to find out the certificate details of the SSL cert a site is using, in particular what root certs you need for it to be recognised? When do a probe an SSL website in Java, and you don't have the necessary root, what is supposed to happen? It seems to act as if the site just did not respond. -- Roedy Green Canadian Mind Products http://mindprod.com The first 90% of the code accounts for the first 90% of the development time. The remaining 10% of the code accounts for the other 90% of the development time. ~ Tom Cargill Ninety-ninety Law
[toc] | [next] | [standalone]
| From | Arne Vajhøj <arne@vajhoej.dk> |
|---|---|
| Date | 2013-01-17 19:43 -0500 |
| Message-ID | <50f89aad$0$292$14726298@news.sunsite.dk> |
| In reply to | #21474 |
On 1/17/2013 8:09 AM, Roedy Green wrote:
> Is there an easy way to find out the certificate details of the SSL
> cert a site is using, in particular what root certs you need for it to
> be recognised?
The following may reveal somnething:
import java.io.IOException;
import java.net.URL;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import javax.net.ssl.HttpsURLConnection;
public class CertSniff {
public static void dump(String urlstr) throws NoSuchAlgorithmException,
KeyManagementException, IOException {
System.out.println("URL=" + urlstr);
URL url = new URL(urlstr);
HttpsURLConnection con = (HttpsURLConnection) url.openConnection();
if (con.getResponseCode() == HttpsURLConnection.HTTP_OK) {
for(Certificate cert : con.getServerCertificates()) {
if(cert instanceof X509Certificate) {
X509Certificate cert509 = (X509Certificate)cert;
System.out.println("Subject = " + cert509.getSubjectDN());
System.out.println("Issuer = " + cert509.getIssuerDN());
} else {
System.out.println("Unknown certificate");
}
}
} else {
System.out.println("Connection problem");
}
con.disconnect();
}
public static void main(String[] args) throws Exception {
dump("https://www.google.com/");
dump("https://www.facebook.com/");
dump("https://www.microsoft.com/");
}
}
Arne
[toc] | [prev] | [standalone]
Back to top | Article view | comp.lang.java.programmer
csiph-web