javasslwebsecurity

How to check self-signed certificate from URL


How can i check that certificate from given URL is self-signed (like browser does)


URL destinationURL = new URL(url);
HttpsURLConnection conn = (HttpsURLConnection) destinationURL.openConnection();
conn.connect();
Certificate[] certs = conn.getServerCertificates();

But only thing i found is checkValidity(Date d). Which is working fine, but that's all.


Solution

  • Here is a relevant Red Hat article.

    Red Hat – Who signed my cert? | Enable Sysadmin.

    "... A certificate is self-signed if the subject and issuer match. A certificate is signed by a Certificate Authority (CA) if they are different. ..."

    You can utilize the X509Certificate class, which offers the getSubjectX500Principal, and getIssuerX500Principal methods.