StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

POGet REAL X.509 data from RFC1421 formatted certificate
primarykey
Id
1257389
data
AcceptedAnswerId
1257510
AnswerCount
3
ClosedDate
CommentCount
1
CommunityOwnedDate
CreationDate
2009-08-10T21:45:57.853
FavoriteCount
1
LastActivityDate
2009-08-11T17:22:34.977
LastEditDate
2009-08-11T17:22:34.977
LastEditorUserId
153994
OwnerUserId
153994
ParentId
0
PostTypeId
1
Score
0
ViewCount
1415
LastEditorDisplayName
text
Body
We have a Java application that stores RSA public keys and allows a user to encrypt a short stream of information with any of the keys. The application also allows the user to import a new key certificate into the keystore. When we load the certificate from a file, we want to use the common name (CN) as the alias. Here is the problem: <pre><code>CertificateFactory x509CertFact = CertificateFactory.getInstance("X.509"); X509Certificate cert = x509CertFact.generateCertificate(certificateInputStream); String alias = cert.getSubjectX500Principal().getName(); assert alias.equals("CN=CommonName, OU=TestCo..."); // FAILS assert alais.equals("cn=commonname, ou=testco..."); // PASSES </code></pre> We know for a fact that the subject name in the file has mixed casing and we need to preserve that casing. Does anyone know how to get more flexible X.509 support from the JCE in Java6? We've thought of using the BouncyCastle lightweight API, but documentation is almost non-existent. EDIT: Using JDK 6u11 Here is the list of security providers from java.security: <pre><code>security.provider.1=sun.security.provider.Sun security.provider.2=sun.security.rsa.SunRsaSign security.provider.3=com.sun.net.ssl.internal.ssl.Provider security.provider.4=com.sun.crypto.provider.SunJCE security.provider.5=sun.security.jgss.SunProvider security.provider.6=com.sun.security.sasl.Provider security.provider.7=org.jcp.xml.dsig.internal.dom.XMLDSigRI security.provider.8=sun.security.smartcardio.SunPCSC security.provider.9=sun.security.mscapi.SunMSCAPI security.provider.10=org.bouncycastle.jce.provider.BouncyCastleProvider </code></pre> The certificate: <pre> -----BEGIN CERTIFICATE----- MIIDHjCCAtugAwIBAgIESnr4OzALBgcqhkjOOAQDBQAwcjELMAkGA1UEBhMCVVMxFTATBgNVBAoT DEdlbWFsdG8gSW5jLjEnMCUGA1UECxMeU29sdXRpb25zIGFuZCBTcGVjaWFsIFByb2plY3RzMSMw IQYDVQQDExpGUkJCTHVuYUNyeXB0b1NlcnZlci0xLjAuMDAeFw0wOTA4MDYxNTM1MjNaFw0wOTEx MDQxNTM1MjNaMHIxCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxHZW1hbHRvIEluYy4xJzAlBgNVBAsT HlNvbHV0aW9ucyBhbmQgU3BlY2lhbCBQcm9qZWN0czEjMCEGA1UEAxMaRlJCQkx1bmFDcnlwdG9T ZXJ2ZXItMS4wLjAwggG3MIIBLAYHKoZIzjgEATCCAR8CgYEA/X9TgR11EilS30qcLuzk5/YRt1I8 70QAwx4/gLZRJmlFXUAiUftZPY1Y+r/F9bow9subVWzXgTuAHTRv8mZgt2uZUKWkn5/oBHsQIsJP u6nX/rfGG/g7V+fGqKYVDwT7g/bTxR7DAjVUE1oWkTL2dfOuK2HXKu/yIgMZndFIAccCFQCXYFCP FSMLzLKSuYKi64QL8Fgc9QKBgQD34aCF1ps93su8q1w2uFe5eZSvu/o66oL5V0wLPQeCZ1FZV466 1FlP5nEHEIGAtEkWcSPoTCgWE7fPCTKMyKbhPBZ6i1R8jSjgo64eK7OmdZFuo38L+iE1YvH7YnoB JDvMpPG+qFGQiaiD3+Fa5Z8GkotmXoB7VSVkAUw7/s9JKgOBhAACgYBHBBVNzuoXgpPFPkSN71rI MKkSIUAVE7iLagFCklCEvHlh1UxyRhCWNh/UazaJzHRZofWlVPRGmgtl+J6BJRJIDorPqt8FfifY fpbAbCQctMToFF5QqggumOlJozXyfV9eyYyNn+Y4yZDr8JKq70WX/S2M+Oo1+SBJsXMTeDdfkDAL BgcqhkjOOAQDBQADMAAwLQIUA+VcqEYMHwXdKY4XC+oO/zF/pRkCFQCDKAS5HpSMazbZgToEEYft QFJSvw== -----END CERTIFICATE----- </pre>
Tags
<java><x509certificate><bouncycastle><jce>
Title
Get REAL X.509 data from RFC1421 formatted certificate
singulars
PostAcceptedAnswerId
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
PostParentId
1. This table or related slice is empty.
PostTypePostTypeId
1. PTQuestion
UserLastEditorUserId
1. USJonathan Bernard
UserOwnerUserId
1. USJonathan Bernard
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
2. PO
 singulars
 PostTypePostTypeId
 PTAnswer
3. PO
 singulars
 PostTypePostTypeId
 PTAnswer
VotesPostIdCreationDate
1. VO
 singulars
 PostPostId
 POGet REAL X.509 data from RFC1421 formatted certificate
 UserUserId
 USKevin Wong
 VoteTypeVoteTypeId
 VTFavorite
CommentsPostId
1. COI ran into this one too. It sucks that X500Principal doesn't provide methods to get at the different parts of the DN. I guess parsing the result of X500Principal.getName() is the only solution...
 singulars
 PostPostId
 POGet REAL X.509 data from RFC1421 formatted certificate
 UserUserId
 USKevin Wong

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.