How to extract CN from X509Certificate in Java - without using Bouncy Castle?

Question

How to extract CN from X509Certificate in Java - without using Bouncy Castle?

I want to use only what is associated with the Java security package.

From this answer, I tried:

static void parseCert(String filename) throws FileNotFoundException, CertificateException, IOException, InvalidNameException { FileInputStream fis = new FileInputStream(filename); BufferedInputStream bis = new BufferedInputStream(fis); CertificateFactory cf = CertificateFactory.getInstance("X.509"); while (bis.available() > 0) { X509Certificate cert = (X509Certificate) cf.generateCertificate(bis); String dn = cert.getIssuerX500Principal().getName(); System.out.println("DN is: " + dn); LdapName ln = new LdapName(dn); for (Rdn rdn : ln.getRdns()) { if (rdn.getType().equalsIgnoreCase("CN")) { System.out.println("CN is: " + rdn.getValue()); break; } } } }

Exit

DN: CN = LAME_IssuingCA O \ = PIG C \ = US
CN: LAME_IssuingCA O = PIG C = US

Is this wrong (O and C are part of CN ??)

+1

java certificate x509certificate

likejiujitsu Sep 07 '13 at 2:20

source share

1 answer

EJP · Accepted Answer · 2013-09-07 03:07

Backslashes indicate that the two second name / value pairs are not separate DN elements.

How to extract CN from X509Certificate in Java - without using Bouncy Castle?

More articles: