Checking certificates expiration dates in java keystore

My java application uses a keystore file in which I have a certificate which is used in ssl connection with active directory server. What I have to do is to check its expiration date and prompt user if its close to expire. I have to do it while my application starts. My idea is to use external program: keytool to display info about certain certificate in the keystore and then do some parsing operations on a string which keytool outputs to find this validation date.

Here's the output of a specific keytool command:

Owner:
Issuer: CN=CPD Root CA, DC=cpd, DC=local<br>
Serial number: 39e8d1610002000000cb
<br>Valid from: Wed Feb 22 21:36:31 CET 2012 until: Thu Feb 21 21:36:31 CET 2013
Certificate fingerprints: <br>
         MD5:  82:46:8B:DB:BC:5C:64:21:84:BB:68:E3:4B:D4:35:70<br>
         SHA1: 35:52:CA:F2:11:66:1E:50:63:BC:53:A5:50:C1:F0:1E:62:81:BC:3F<br>
         Signature algorithm name: SHA1withRSA

Problem would be with parsing date since I can't be sure in which format it is displayed.

Is there any easier way to check expiration date of certificates included in java keystore file?

Answers


Thanks for the direction EJP, here is a block of what I came up with.

    try {
        KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
        keystore.load(new FileInputStream("keystoreLocation"), "keystorePassword".toCharArray());
        Enumeration<String> aliases = keystore.aliases();
        while(aliases.hasMoreElements()){
            String alias = aliases.nextElement();
            if(keystore.getCertificate(alias).getType().equals("X.509")){
                System.out.println(alias + " expires " + ((X509Certificate) keystore.getCertificate(alias)).getNotAfter());
            }
        }
    } catch (Exception e) {
        e.printStackTrace();
    }

Use the java.security.Keystore class to load the keystore and enumerate its contents, and check each certificate for expiry.


Need Your Help

Node Redis with AWS

node.js amazon-web-services redis amazon-elasticache

AWS has Redis support via the ElastiCache Service. My question is, can I connect to Redis on AWS Elasticache from node, using the following:

How to pass custom object in Bundle?

java android object android-intent bundle

I am trying to pass my own custom object into a bundle: