Java
Java
Get Certificate CRL Distribution Points
See more Certificates Examples
Demonstrates how to get a certificate's CRL Distribution Points extension data (assuming it exists). In the vast majority of cases, there will be one CRL Distribution Point.Note: This example requires Chilkat v9.5.0.76 or greater.
Chilkat Java Downloads
import com.chilkatsoft.*;
public class ChilkatExample {
static {
try {
System.loadLibrary("chilkat");
} catch (UnsatisfiedLinkError e) {
System.err.println("Native code library failed to load.\n" + e);
System.exit(1);
}
}
public static void main(String argv[])
{
boolean success = false;
CkCert cert = new CkCert();
success = cert.LoadFromFile("qa_data/certs/test_haswdt.cer");
if (success != true) {
System.out.println(cert.lastErrorText());
return;
}
// Get the CRL Distribution Points extension, which is at OID 2.5.29.31
String extensionXmlStr = cert.getExtensionAsXml("2.5.29.31");
if (cert.get_LastMethodSuccess() == false) {
System.out.println("Certificate does not have the CDP extension.");
return;
}
CkXml xml = new CkXml();
xml.LoadXml(extensionXmlStr);
// See what we have..
System.out.println(xml.getXml());
// We should get XML like this:
// <?xml version="1.0" encoding="utf-8" ?>
// <sequence>
// <sequence>
// <contextSpecific tag="0" constructed="1">
// <contextSpecific tag="0" constructed="1">
// <contextSpecific tag="6" constructed="0">aHR0cDovL2NybC5jb21vZG9jYS5jb20vQ09NT0RPUlNBQ2xpZW50QXV0aGVudGljYXRpb25hbmRTZWN1
// cmVFbWFpbENBLmNybA==</contextSpecific>
// </contextSpecific>
// </contextSpecific>
// </sequence>
// </sequence>
//
// Assuming there is one CRL Distribution Point...
CkStringBuilder sbDistPoint = new CkStringBuilder();
success = xml.GetChildContentSb("sequence|contextSpecific|contextSpecific|contextSpecific",sbDistPoint);
if (success == true) {
sbDistPoint.Decode("base64","utf-8");
System.out.println("CRL Distribution Point: " + sbDistPoint.getAsString());
}
// Sample output:
// CRL Distribution Point: http://crl.comodoca.com/COMODORSAClientAuthenticationandSecureEmailCA.crl
}
}