查看P12、CRT证书信息
Eave
2025.03.09
通过Java代码查看P12、CRT证书信息
package com.wizardaws.tools.application;
import com.wizardaws.tools.crypto.KeyStores;
import com.wizardaws.tools.date.DateUtil;
import com.wizardaws.tools.utils.Base64Util;
import com.wizardaws.tools.utils.ByteUtil;
import javax.security.auth.x500.X500Principal;
import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.util.Collection;
import java.util.List;
public class Cert
{
public static void main(String[] args) throws Exception
{
getP12FileInfo("D:\\ca\\gramess.com.p12", "123456");
getCertFileInfo("D:\\ca\\gramess.com.crt");
}
private static void getP12FileInfo(String p12File, String password) throws Exception
{
KeyStore keyStore = KeyStores.loadKeyStore(p12File, password);
String alias = keyStore.aliases().nextElement();
X509Certificate certificate = (X509Certificate) keyStore.getCertificate(alias);
// 获取证书的主题信息
X500Principal subject = certificate.getSubjectX500Principal();
// 获取证书的颁发者信息
X500Principal issuer = certificate.getIssuerX500Principal();
// 获取证书备用域名名称
Collection<List<?>> altNames = certificate.getSubjectAlternativeNames();
if(altNames != null)
{
for(List<?> altName : altNames)
{
// 类型 0:其他名称(例如,X400地址)、1:RFC822名称(电子邮件地址)、2:DNS名称、7:IP地址
Integer type = (Integer) altName.get(0); // 备用名称的类型
String value = (String) altName.get(1); // 备用名称的值
System.out.println((type == 2 ? "DNS" : "IP") + "=" + value);
}
}
PrivateKey privateKey = (PrivateKey) keyStore.getKey(alias, password.toCharArray());
PublicKey publicKey = certificate.getPublicKey();
String algorithm = publicKey.getAlgorithm();
System.out.println("版本: " + certificate.getVersion());
System.out.println("签名算法: " + certificate.getSigAlgName());
System.out.println("使用者: " + subject.getName());
System.out.println("颁发者: " + issuer.getName());
System.out.println("序列号: " + ByteUtil.bytesToHex(certificate.getSerialNumber().toByteArray()));
System.out.println("私钥: " + algorithm + ("RSA".equals(algorithm) ? ((RSAPrivateKey) privateKey).getModulus().bitLength() : "") + " " + Base64Util.encodeToString(privateKey.getEncoded()));
System.out.println("公钥: " + algorithm + ("RSA".equals(algorithm) ? ((RSAPublicKey) publicKey).getModulus().bitLength() : "") + " " + Base64Util.encodeToString(publicKey.getEncoded()));
System.out.println("有效起始日期: " + DateUtil.format(certificate.getNotBefore(), DateUtil.FORMAT_DATETIME));
System.out.println("有效截至日期: " + DateUtil.format(certificate.getNotAfter(), DateUtil.FORMAT_DATETIME));
}
private static void getCertFileInfo(String certFile) throws Exception
{
FileInputStream stream = new FileInputStream(certFile);
CertificateFactory factory = CertificateFactory.getInstance("X.509");
X509Certificate certificate = (X509Certificate) factory.generateCertificate(stream);
stream.close();
// 获取证书的主题信息
X500Principal subject = certificate.getSubjectX500Principal();
// 获取证书的颁发者信息
X500Principal issuer = certificate.getIssuerX500Principal();
// 获取证书备用域名名称
Collection<List<?>> altNames = certificate.getSubjectAlternativeNames();
if(altNames != null)
{
for(List<?> altName : altNames)
{
// 类型 0:其他名称(例如,X400地址)、1:RFC822名称(电子邮件地址)、2:DNS名称、7:IP地址
Integer type = (Integer) altName.get(0); // 备用名称的类型
String value = (String) altName.get(1); // 备用名称的值
System.out.println((type == 2 ? "DNS" : "IP") + "=" + value);
}
}
PublicKey publicKey = certificate.getPublicKey();
String algorithm = publicKey.getAlgorithm();
System.out.println("版本: " + certificate.getVersion());
System.out.println("签名算法: " + certificate.getSigAlgName());
System.out.println("使用者: " + subject.getName());
System.out.println("颁发者: " + issuer.getName());
System.out.println("序列号: " + ByteUtil.bytesToHex(certificate.getSerialNumber().toByteArray()));
System.out.println("公钥: " + algorithm + ("RSA".equals(algorithm) ? ((RSAPublicKey) publicKey).getModulus().bitLength() : "") + " " + Base64Util.encodeToString(publicKey.getEncoded()));
System.out.println("有效起始日期: " + DateUtil.format(certificate.getNotBefore(), DateUtil.FORMAT_DATETIME));
System.out.println("有效截至日期: " + DateUtil.format(certificate.getNotAfter(), DateUtil.FORMAT_DATETIME));
}
}p12证书信息输出如下:
DNS=grames.com
DNS=*.grames.com
IP=127.0.0.1
版本: 3
签名算法: SHA256withRSA
使用者: CN=gramess.com,OU=MyServer,O=MyRootServer,L=Chonqing,ST=Chonqing,C=CN
颁发者: CN=CA,OU=CA,O=CA,L=Chonqing,ST=Chonqing,C=CN
序列号: 00e70d327e0f623e90
私钥: RSA2048 MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC5U9LGS0xKq2xfgX0EMLZZTy567pyiSjJbQWn6/23ufEw8eXO7gtLzeGyQUt4aRQHihxOpF6Unmx3VOKWzqUIPoFiBejE5Y7zoOAQCIJX3a1+a2waVN/IxrvGRukTUGcU7IxoyhB7DGHIK5K4pk1Yyw60Ut9BIFfVR4+8jGLPfnowI91rEAbfygoV8CbbUGTkHy+QFJYGi94pNxvjaTPsfGcpLF9rAXeNRkVtd1GemtivsK6ZHlwAq3WPLR95RoebS7ZDg+rfg3taLsGE82pppsT1jmUasKRBo2/J5e7xa4Zr02Kt+QduQkllu6WMNgLazQxmRJqTHcsLawmsa/Ub5AgMBAAECggEAdXzhc1pK/E9efdFuOtjS0R10fvSEEhJtiBKZKEkEHRtpjTEFoIsYRsdCM+CE8yxqPHybhyf5SHl62TB3Q8V6nsNtOHAJgrNrD+BrEhosWFUWn+pYawKzpLGebV8jwT6xHYNsWTgO9Gmr6qH8k1jXXYlVUXwSK5DYG9kfQiWn6ovZVUblnqqTPZY6KIh6rn/b1Dw/e/ZJ1i4ohm1TTRRNkR9OvuGm+gQ/wLHH0tCU9Y0zbc95whq4pDqw1bK2Y9Bu6aZhlPpSLNTCEUzcMQ03sI+zWZ6ViQj8ppI3HTY0EK22Qgdg8wwHMn3YZk1pJOFMvu8+dgOegS5ENXR9+EeHgQKBgQDcAsP32E6Ky8wnbx10SnXhP29InsiLsfSCaNIgYEojkNKd3w8QwUVXTUTSaxkCk87VcF1/Z0gYihNxF+dmbBmFOjIZ/gUXlHt1BzlDWFi77sQBqv3nF9W/l07EeJ1ITEEktiRIxznS2suWRrkBe0qxytwQHn9sp/KD8zZuaK3MaQKBgQDXpKW3omfDkc5RyLV/5V0ovmKvJyhoqcbImQoBrWiDHpLKabPoCWpTjrlu/2K5Jjzy1Jb5/adHBIH5DqJkTJaUWAU0xoeunG9qVAwRC8eI6Gx9yOxqzVxuR8VHGOwZjHfv0q4VEzEn2q9JdNd3EUfr1AnDzokyPWezh1PeslaUEQKBgA5Vp8sILuXgLWcMWFDxYQjSB0AmCE8BwzqT9cziOTJkBzT+CY8/6HKtuCQ1kiWW180USyM36Xyf0nB17D/CH0+M4SLMaCyHIhwX4mU+5lkoT2EEcRKTfPvEsf8fFLBXN49axrZvNJdGZileZkNwcwdufjQWqJq9vpFWUV+UNm6xAoGAaA1rZTN5TDXjzzTA12jOTeWn6opDhlU9tPebi3moL3SmMgNVKwa4Bn+c3IFgmqRnzmhkPVZ2y97R9GJqW2lVU1kxkeil+cxEOpM5i1QawOYdy4gTA+n5ysDY4ViWPDG6gb8v/r1W/7sWz6QQf8SX5qRW3eOf8d0NV+RZxOBaxHECgYEAuA0lbmVeKXTZ7q6Rqlx/TSavNgvzswuOH6UUWsfPEdtRT1/pt1OkgQwQnac8ip1Z3WwSvcUJQ4NxAQy2/Rm3u09qe5/AO8EBxQg2o0Tyx5dUxQyldY93TXT6vprW2iwnNxZ6WW83nd3x62Oj6VKYA+oWlomARQgy8SGgM48AZX8=
公钥: RSA2048 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVPSxktMSqtsX4F9BDC2WU8ueu6cokoyW0Fp+v9t7nxMPHlzu4LS83hskFLeGkUB4ocTqRelJ5sd1Tils6lCD6BYgXoxOWO86DgEAiCV92tfmtsGlTfyMa7xkbpE1BnFOyMaMoQewxhyCuSuKZNWMsOtFLfQSBX1UePvIxiz356MCPdaxAG38oKFfAm21Bk5B8vkBSWBoveKTcb42kz7HxnKSxfawF3jUZFbXdRnprYr7CumR5cAKt1jy0feUaHm0u2Q4Pq34N7Wi7BhPNqaabE9Y5lGrCkQaNvyeXu8WuGa9NirfkHbkJJZbuljDYC2s0MZkSakx3LC2sJrGv1G+QIDAQAB
有效起始日期: 2025-03-01 15:04:05
有效截至日期: 2035-03-01 15:04:05crt证书信息输出如下:
DNS=grames.com
DNS=*.grames.com
IP=127.0.0.1
版本: 3
签名算法: SHA256withRSA
使用者: CN=gramess.com,OU=MyServer,O=MyRootServer,L=Chonqing,ST=Chonqing,C=CN
颁发者: CN=CA,OU=CA,O=CA,L=Chonqing,ST=Chonqing,C=CN
序列号: 00e70d327e0f623e90
公钥: RSA2048 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVPSxktMSqtsX4F9BDC2WU8ueu6cokoyW0Fp+v9t7nxMPHlzu4LS83hskFLeGkUB4ocTqRelJ5sd1Tils6lCD6BYgXoxOWO86DgEAiCV92tfmtsGlTfyMa7xkbpE1BnFOyMaMoQewxhyCuSuKZNWMsOtFLfQSBX1UePvIxiz356MCPdaxAG38oKFfAm21Bk5B8vkBSWBoveKTcb42kz7HxnKSxfawF3jUZFbXdRnprYr7CumR5cAKt1jy0feUaHm0u2Q4Pq34N7Wi7BhPNqaabE9Y5lGrCkQaNvyeXu8WuGa9NirfkHbkJJZbuljDYC2s0MZkSakx3LC2sJrGv1G+QIDAQAB
有效起始日期: 2025-03-01 15:04:05
有效截至日期: 2035-03-01 15:04:05