List of usage examples for org.apache.http.conn.ssl BrowserCompatHostnameVerifier verify
public final void verify(final String host, final String[] cns, final String[] subjectAlts) throws SSLException
From source file:com.archivas.clienttools.arcutils.utils.net.GetCertsX509TrustManager.java
public String testHostname(String hostname, SSLCertChain certChain) { String result = null;//from ww w .j a v a 2 s . co m String testingCN = null; try { List<X509Certificate> certList = certChain.getCertificateList(); String[] cnList = new String[certList.size()]; Iterator<X509Certificate> i = certList.iterator(); for (int count = 0; i.hasNext(); ++count) { String dn = ((X509Certificate) i.next()).getSubjectDN().getName(); int cnIndex = dn.indexOf("CN=") + 3; if (cnIndex < 0) { LOG.log(Level.FINE, "Hostname not found in certificate " + dn); continue; } int cnEndIndex = dn.indexOf(',', cnIndex); String cn = (cnEndIndex < 0 ? dn.substring(cnIndex + 3) : dn.substring(cnIndex + 3, cnEndIndex)); // Also remove the *. if (cn.startsWith("*.")) { cn = cn.substring(2); } cnList[count] = cn; // I think it is unlikely there are ever multiple certs coming in here. testingCN = cn; } BrowserCompatHostnameVerifier verifier = new BrowserCompatHostnameVerifier(); verifier.verify(hostname, cnList, null); } catch (SSLException e) { if (testingCN != null) { result = "Host name " + hostname + " is not equal to the certificate issuer's \nhost name " + testingCN; } LOG.log(Level.FINE, e.getMessage(), e); } return result; }