接上篇,用java代碼實現一下獲取遠程服務端證書,仍是拿新浪首頁測試,上代碼:
java
package org.test; import java.net.URL; import java.security.MessageDigest; import java.security.cert.Certificate; import java.security.cert.X509Certificate; import javax.net.ssl.HttpsURLConnection; public class Application { public static void main(String[] args) throws Exception { URL url = new URL("https://www.sina.com.cn"); HttpsURLConnection conn = (HttpsURLConnection)url.openConnection(); conn.connect(); Certificate[] certs = conn.getServerCertificates(); //會拿到完整的證書鏈 X509Certificate cert = (X509Certificate)certs[0]; //cert[0]是證書鏈的最下層 System.out.println("序號:" + cert.getSerialNumber()); System.out.println("頒發給:" + cert.getSubjectDN().getName()); System.out.println("頒發者:" + cert.getIssuerDN().getName()); System.out.println("起始:" + cert.getNotBefore()); System.out.println("過時:" + cert.getNotAfter()); System.out.println("算法:" + cert.getSigAlgName()); System.out.println("指紋:" + getThumbPrint(cert)); conn.disconnect(); } private static String getThumbPrint(X509Certificate cert) throws Exception { MessageDigest md = MessageDigest.getInstance("SHA-1"); byte[] der = cert.getEncoded(); md.update(der); byte[] digest = md.digest(); return bytesToHexString(digest); } private static String bytesToHexString(byte[] src) { StringBuilder stringBuilder = new StringBuilder(""); if (src == null || src.length <= 0) { return null; } for (int i = 0; i < src.length; i++) { int v = src[i] & 0xFF; String hv = Integer.toHexString(v); if (hv.length() < 2) { stringBuilder.append(0); } stringBuilder.append(hv); } return stringBuilder.toString(); } }
運行看效果,獲得的輸出:算法
序號:78653003708979598891221754220386804014app 頒發給:CN=sina.com, OU="Sina.com Technology(China)Co.,ltd", O="Sina.com Technology(China)Co.,ltd", L=Beijing, ST=Beijing, C=CNide 頒發者:CN=GeoTrust SSL CA - G3, O=GeoTrust Inc., C=US測試 起始:Tue Feb 21 08:00:00 CST 2017ui 過時:Tue Nov 26 07:59:59 CST 2019url 算法:SHA256withRSAspa 指紋:6ce7b869e4d6f77a31a967af2dc1b904fd059aa3.net |
與以前是同樣的。code