Next, use Java code to achieve a remote server certificate, or take Sina home test, on the code:
Packageorg.test;ImportJava.net.URL;Importjava.security.MessageDigest;Importjava.security.cert.Certificate;Importjava.security.cert.X509Certificate;Importjavax.net.ssl.HttpsURLConnection; Public classApplication { Public Static voidMain (string[] args)throwsException {URL url=NewURL ("https://www.sina.com.cn"); Httpsurlconnection Conn=(httpsurlconnection) url.openconnection (); Conn.connect (); Certificate[] Certs= Conn.getservercertificates ();//will get the complete certificate chain.X509Certificate cert = (x509certificate) certs[0];//Cert[0] is the lowest level of the certificate chainSYSTEM.OUT.PRINTLN ("Serial Number:" +Cert.getserialnumber ()); System.out.println ("Issued to:" +Cert.getsubjectdn (). GetName ()); System.out.println ("Issuer:" +Cert.getissuerdn (). GetName ()); System.out.println ("Start:" +Cert.getnotbefore ()); System.out.println ("Expired:" +Cert.getnotafter ()); System.out.println ("Algorithm:" +cert.getsigalgname ()); System.out.println ("Fingerprint:" +getthumbprint (cert)); Conn.disconnect (); } Private StaticString getthumbprint (X509Certificate cert)throwsException {messagedigest MD= Messagedigest.getinstance ("SHA-1"); byte[] der =cert.getencoded (); Md.update (der); byte[] Digest =md.digest (); returnbytestohexstring (Digest); } Private StaticString bytestohexstring (byte[] src) {StringBuilder StringBuilder=NewStringBuilder (""); if(src = =NULL|| Src.length <= 0) { return NULL; } for(inti = 0; i < src.length; i++) { intv = src[i] & 0xFF; String HV=integer.tohexstring (v); if(Hv.length () < 2) {stringbuilder.append (0); } stringbuilder.append (HV); } returnstringbuilder.tostring (); }}
Run to see the effect, get the output:
Serial Number: 78653003708979598891221754220386804014 awarded to: cn=sina.com, ou= "Sina.com Technology (China) Co.,ltd", o= "sina.com Technology (China) Co.,ltd ", L=beijing, st=beijing, C=CN issuer: Cn=geotrust SSL ca-g3, O=geotrust Inc, c=us start: Tue Feb 21 08:0 0:00 CST 2017 Expires: Tue 07:59:59 CST 2019 algorithm: Sha256withrsa fingerprint: 6ce7b869e4d6f77a31a967af2dc1b904fd059aa3
is the same as before.
Get the server-side HTTPS certificate-Java edition