Get certificate and add it to a Java truststore, when only having https URL?
I\'m trying to send push notifications to Android devices through the Google Cloud Message servers.
The URL we use to do that is:
https://android.goo
-
I've been able to save the certificates through the following Java code:
public void testConnectionTo(String aURL) throws Exception { URL destinationURL = new URL(aURL); HttpsURLConnection conn = (HttpsURLConnection) destinationURL.openConnection(); conn.connect(); Certificate[] certs = conn.getServerCertificates(); System.out.println("nb = " + certs.length); int i = 1; for (Certificate cert : certs) { System.out.println(""); System.out.println(""); System.out.println(""); System.out.println("################################################################"); System.out.println(""); System.out.println(""); System.out.println(""); System.out.println("Certificate is: " + cert); if(cert instanceof X509Certificate) { try { ( (X509Certificate) cert).checkValidity(); System.out.println("Certificate is active for current date"); FileOutputStream os = new FileOutputStream("/home/sebastien/Bureau/myCert"+i); i++; os.write(cert.getEncoded()); } catch(CertificateExpiredException cee) { System.out.println("Certificate is expired"); } } else { System.err.println("Unknown certificate type: " + cert); } } }And import them to the truststore:
keytool -import -alias GoogleInternetAuthority -file myCert1 -keystore truststore讨论(0) -
Use Portecle. You can open the target key store, then use Examine > Examine SSL/TLS Connection, enter
android.googleapis.comand443and you're done!讨论(0) -
If you have openssl you can use
openssl s_client -connect android.googleapis.com:443s_clientis a "generic SSL/TLS client which connects to a remote host using SSL/TLS", and among other things it prints out the server certificate it received from the remote server. It isn't an HTTP client, so it doesn't know to follow the 301 redirect, it'll just give you the certificate of the initial server you connected to.讨论(0)
加载中...
- 热议问题