Skip to content

Tag: x509

X500Principal Distinguished Name order

I’m using the Bouncycastle lib to generate certificates from PKCS10 requests using the X509v3CertificateBuilder class. It returns build a X509CertificateHolder object which contains the generated certificate. If I call getIssuer on the holder, it returns the issuer distinguished name in the correct orde…

Write x509 certificate into PEM formatted string in java?

Is there some high level way to write an X509Certificate into a PEM formatted string? Currently I’m doing x509cert.encode() to write it into a DER formatted string, then base 64 encoding it and appending the header and footer to create a PEM string, but it seems bad. Especially since I have to throw in …

How to extract CN from X509Certificate in Java?

I am using a SslServerSocket and client certificates and want to extract the CN from the SubjectDN from the client’s X509Certificate. At the moment I call cert.getSubjectX500Principal().getName() but this of course gives me the total formatted DN of the client. For some reason I am just interested in th…