本文介绍了从TLS获取证书链以使用OCSP的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我想使用OCSP检查TLS握手期间来自服务器的证书.
I would like to use OCSP checking for the certificate which is coming from the server during TLS handshake.
我正在使用Bouncy Castle作为OCSP实现的提供者,并且BC验证方法通常希望X509Certificate作为参数.
I am using Bouncy Castle as provider for OCSP implementation and BC verification methods want X509Certificate as parameter generally.
所以;如何在Java端跟踪并获取传入证书链并进行获取?
So; how can I follow and get incoming certificate chain at Java side and fetch it?
感谢您的帮助.
推荐答案
您可以使用 HttpsURLConnection.getServerCertificates 并将结果转换为X509Certificate
You can use HttpsURLConnection.getServerCertificates and cast the result to X509Certificate
HttpsURLConnection connection = ...
Certificate chain[] = connection.getServerCertificates();
X509Certificate cert = (X509Certificate)chain[0];
这篇关于从TLS获取证书链以使用OCSP的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!