/** * Checks whether the subject's certificate credentials are valid at a given date. If date is * missing, current time is used as reference. * * @param subject Subject to check * @param date Date the certificate is verified against. If null, the credentials are verified * against current time. * @throws CertificateException Subject has no associated certificate credentials or there is a * problem with the existing certificate. * @throws CertificateExpiredException Certificate is expired. * @throws CertificateNotYetValidException Certificate not valid yet. */ public static void validateSubject(Subject subject, Date date) throws CertificateException, CertificateExpiredException, CertificateNotYetValidException { if (subject != null) { Set<X509CertificateChain> certs = subject.getPublicCredentials(X509CertificateChain.class); if (certs.size() == 0) { // subject without certs throw new CertificateException("No certificates associated with subject"); } X509CertificateChain chain = certs.iterator().next(); for (X509Certificate c : chain.getChain()) { if (date != null) { c.checkValidity(date); } else { c.checkValidity(); } } } }
public static SSLSocketFactory getSocketFactory(X509CertificateChain chain) { KeyStore ts = null; KeyStore ks = null; if (chain != null) ks = getKeyStore(chain.getChain(), chain.getPrivateKey()); return getSocketFactory(ks, ts); }