I'm having a problem with X.509 certificate DN parsing. The CSR generated is of the form:
/C=/ST=/L=/O=/OU=/CN=
The signed certificate issued by the CA is of the form:
C=USA, ST=NJ, L=test, O=Google, OU=Adwords, CN=test
I need a utility class in Java, preferably something standard that will take either of these notations and canonicalize the DN to a standard format so I can compare the CSR and X.509 certificate data to determine if the DN's match.
Any help would be appreciated.
For parsing the X509 Certificate issued by the CA, you can use the following java api: java.security.cert.X509Certificate
Code snippet:
extractX509DN(X509Certificate cert) {
String domainName;
domainName = cert.getSubjectDN().getName();
}
Likewise, you can use the other methods in the api to extract details of the certificate you need.
For parsing the raw CSR, you can use the apis provided by BouncyCastle. I found a handy tutorial which you could probably use to understand the method involved in parsing a CSR:
Go through the above link and understand the following function:
public CSRInfo parseCSR (String csr);
Your answer lies in line number 76 of the above code snippet.