Java – find whether the certificate is self signed or Ca signed

Java

I have a web application that allows users to upload pkcs12 I store pkcs12 in the database as a binary file Is there any way to know whether the certificate in pkcs12 is self signed or Ca signed?

I run a Java Web Application on Tomcat and can use OpenSSL

Solution

This is a bit of a hack, but the OpenSSL x509 command can report publishers and topics If the subject and issuer are the same, they are self signed; If they are different, it is signed by ca (strictly speaking, I have also signed many self signed certificates.)

While testing this theory, I conducted some tests; It works as follows:

cd /etc/ssl/certs
for f in *.0 ; do openssl x509 -in $f -issuer | head -1 > /tmp/$f.issuer ; openssl x509 -in $f -subject | head -1 > /tmp/$f.subject ; done
 cd /tmp
 sed -i -e s/issuer=// *.issuer
 sed -i -e s/subject=// *.subject
 cd /etc/ssl/certs/
 for f in *.0 ; do diff -u /tmp/$f.issuer /tmp/$f.subject ; done

I hope this will help

The content of this article comes from the network collection of netizens. It is used as a learning reference. The copyright belongs to the original author.
THE END
分享
二维码
< <上一篇
下一篇>>