/**
* Checks whether the subject's certificate credentials are valid at a given date. If date is
* missing, current time is used as reference.
*
* @param subject Subject to check
* @param date Date the certificate is verified against. If null, the credentials are verified
* against current time.
* @throws CertificateException Subject has no associated certificate credentials or there is a
* problem with the existing certificate.
* @throws CertificateExpiredException Certificate is expired.
* @throws CertificateNotYetValidException Certificate not valid yet.
*/
public static void validateSubject(Subject subject, Date date)
throws CertificateException, CertificateExpiredException, CertificateNotYetValidException {
if (subject != null) {
Set<X509CertificateChain> certs = subject.getPublicCredentials(X509CertificateChain.class);
if (certs.size() == 0) {
// subject without certs
throw new CertificateException("No certificates associated with subject");
}
X509CertificateChain chain = certs.iterator().next();
for (X509Certificate c : chain.getChain()) {
if (date != null) {
c.checkValidity(date);
} else {
c.checkValidity();
}
}
}
}
public static SSLSocketFactory getSocketFactory(X509CertificateChain chain) {
KeyStore ts = null;
KeyStore ks = null;
if (chain != null) ks = getKeyStore(chain.getChain(), chain.getPrivateKey());
return getSocketFactory(ks, ts);
}
