Getting certificate chain from TLS for using OCSP

你。 提交于 2019-12-13 04:14:47

问题


I would like to use OCSP checking for the certificate which is coming from the server during TLS handshake.

I am using Bouncy Castle as provider for OCSP implementation and BC verification methods want X509Certificate as parameter generally.

So; how can I follow and get incoming certificate chain at Java side and fetch it?

Thanks for your help.


回答1:


You can use HttpsURLConnection.getServerCertificates and cast the result to X509Certificate

HttpsURLConnection connection = ...
Certificate chain[] = connection.getServerCertificates();
X509Certificate cert = (X509Certificate)chain[0];


来源:https://stackoverflow.com/questions/51278027/getting-certificate-chain-from-tls-for-using-ocsp

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!