
Example 1 with SANCertificateIdentityMapping

Use of org.jivesoftware.util.cert.SANCertificateIdentityMapping in the project Openfire by igniterealtime.

From the class S2STestService, method getCertificates.

/**
 * @return A String representation of the certificate chain for the connection to the domain under test.
 */
private String getCertificates() {
    final DomainPair pair = new DomainPair(XMPPServer.getInstance().getServerInfo().getXMPPDomain(), domain);
    Session session = XMPPServer.getInstance().getSessionManager().getOutgoingServerSession(pair);
    StringBuilder certs = new StringBuilder();
    if (session != null) {
        Log.info("Successfully negotiated TLS connection.");
        Certificate[] certificates = session.getPeerCertificates();
        for (Certificate certificate : certificates) {
            X509Certificate x509cert = (X509Certificate) certificate;
            certs.append("--\nSubject: ");
            certs.append(x509cert.getSubjectDN());
            List<String> subjectAltNames = new SANCertificateIdentityMapping().mapIdentity(x509cert);
            if (!subjectAltNames.isEmpty()) {
                certs.append("\nSubject Alternative Names: ");
                for (String subjectAltName : subjectAltNames) {
                    certs.append("\n  ");
                    certs.append(subjectAltName);
                }
            }
            certs.append("\nNot Before: ");
            certs.append(x509cert.getNotBefore());
            certs.append("\nNot After: ");
            certs.append(x509cert.getNotAfter());
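            // getPublicKey().getEncoded() returns the DER-encoded SubjectPublicKeyInfo, not the
            // whole certificate, so the PEM label must be PUBLIC KEY for the block to parse.
            // To emit the full certificate instead, encode certificate.getEncoded()
            // (which throws CertificateEncodingException) under a CERTIFICATE label.
            certs.append("\n\n-----BEGIN PUBLIC KEY-----\n");
            certs.append(DatatypeConverter.printBase64Binary(certificate.getPublicKey().getEncoded()).replaceAll("(.{64})", "$1\n"));
            certs.append("\n-----END PUBLIC KEY-----\n\n");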
        }
    }
    return certs.toString();
}
Also used: DomainPair (org.jivesoftware.openfire.session.DomainPair), SANCertificateIdentityMapping (org.jivesoftware.util.cert.SANCertificateIdentityMapping), X509Certificate (java.security.cert.X509Certificate), OutgoingServerSession (org.jivesoftware.openfire.session.OutgoingServerSession), Session (org.jivesoftware.openfire.session.Session), Certificate (java.security.cert.Certificate)
