首页 文章

如何从trust.p12证书文件中获取SSL证书主题,颁发者,开始日期和过期日期

提问于
浏览
0

环境 - IBM websphere应用服务器8.5.5文件 - trust.p12和key.p12(在trust.p12中,添加了20个证书)使用openssl commnd,我可以看到完整的证书详细信息,如下所示

MAC迭代2048 MAC验证确定PKCS7加密数据:pbeWithSHA1And40BitRC2-CBC,迭代2048证书包行包属性localKeyID:XX XX XX XX XX XX XX XX XX XX XX XX XX 48 54 A0 47 88 1D 90 friendlyName:test-server subject = / C = US / ST = IC / L = test / O = XXX安全/ OU = XXX / CN = something1 issuer = / C = US / ST = IC / L = test / O = XXX安全/ OU = XXXX / CN = something1 ----- BEGIN CERTIFICATE ----- ...... ...... -----结束证书-----

证书袋 Baggage 属性localKeyID:XX XX XX XX XX XX XX XX friendlyName:root subject = / C = US / ST = IC / L = test / O = XXX / OU = XXX / CN = testroot issuer = / C = US / ST = IC / L = test / O = XXX / OU = XXXX / CN = testroot -----开始证书----- ...... ...... -----结束证书--- -

但我尝试使用以下命令从trust.p12证书文件中获取主题,发行者,开始日期和过期日期 . 第一种方法openssl pkcs12 -in trust.p12 -nokeys | openssl x509 -noout -dates -subject -issuer -alias 2nd方法openssl pkcs12 -in trust.p12 -out trust.pem -nodes cat trust.pem | openssl x509 -noout -enddate但是我通过上面的命令单独输出1个证书而不是20个证书 . 1)有没有其他方法可以逐个获取20个证书,比如传递别名? 2)如何逐个获取20个证书的主题,发行人,开始日期和到期日期?

file ssl-certificate websphere-8 p12

1 回答

  • 0

    怎么样,如果这可以在java中完成 . 您需要知道所有20个证书的别名,并将其定义为字符串数组 .

    您还可以将别名定义为配置文件,以便在将来更改别名时,您不必更改代码 .

    static List<X509Certificate> certList = new ArrayList<>();
public static void main(String[] args) throws KeyStoreException
{
    String[] alias = { "1","2"};
    KeyStore keyStore = getKeyStore();
    for (int i = 0; i < alias.length; i++) {
        X509Certificate certFromKeyStore = (X509Certificate) keyStore.getCertificate(alias[i]);
        System.out.println(certFromKeyStore.getSubjectDN());
        certList.add(certFromKeyStore);
    }
    for (X509Certificate x509 : certList) {
        // verify all the information you looking for
        System.out.println(x509.getSerialNumber() + " "+ x509.getIssuerDN() );
    }
}

public static KeyStore getKeyStore()
{
    KeyStore keyStore = null;
    try
    {
        keyStore = KeyStore.getInstance("PKCS12");
        InputStream input = new FileInputStream("PATHTOP12");
        keyStore.load(input, "YOUR_P12_PASSWORD".toCharArray());
    } catch (Exception e) 
    {
        // catch the exception 
    }
    return keyStore;
}

    如果这有帮助,请告诉我 . 你是否特意在openssl中完成这项工作?

    回复于

相关问题