Java安全管理____Java通过Https链接读取证书基本信息

import java.net.URL;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

/**
 * @author 18272
 * 证书过期定时任务校验
 */
public class CertUtil {

    public static void main(String[] args) {
    	getCertExpired("https://www.baidu.com/");
    	getCertExpired("https://192.168.**.**");
    	
    }
	
	public static void getCertExpired(String httpsUrl) {
		try {
			HttpsURLConnection.setDefaultHostnameVerifier(new CertUtil().new NullHostNameVerifier());
			SSLContext sslContext = SSLContext.getInstance("TLS");
				sslContext.init(null, trustAllCerts, new SecureRandom());
			HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory());
			URL url = new URL(httpsUrl);
			HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
		        conn.setRequestMethod("GET");
		        conn.setRequestProperty("Content-Type", "application/json;charset=utf-8");
		        conn.setConnectTimeout(3000);
		        conn.setReadTimeout(5000);
		        conn.connect();
	        Certificate[] certificates= conn.getServerCertificates();    
	        X509Certificate x509Certificate = (X509Certificate)certificates[0];    
	        System.out.println("证书版本:" + x509Certificate.getVersion());
	        System.out.println("证书编号:" + x509Certificate.getSerialNumber());
	        System.out.println("颁发机构:" + x509Certificate.getSubjectDN().getName());
	        System.out.println("颁发者:" + x509Certificate.getIssuerDN().getName());
	        System.out.println("证书开始时间:" + x509Certificate.getNotBefore());
	        System.out.println("有效期止" + x509Certificate.getNotAfter());
	        System.out.println("签名算法:" + x509Certificate.getSigAlgName());
	        System.out.println("证书公钥:" + x509Certificate.getPublicKey());
	        System.out.println("证书签名:" + x509Certificate.getSignature());
	        
	        conn.disconnect();
		} catch (Exception e) {
			e.printStackTrace();
		}
	}

    static TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
        @Override
        public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
        }

        @Override
        public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
        }

        @Override
        public X509Certificate[] getAcceptedIssuers() {
            return null;
        }
    } };
    public class NullHostNameVerifier implements HostnameVerifier {
        @Override
        public boolean verify(String arg0, SSLSession arg1) {
            return true;
        }
    }
    
    
}

//运行结果

证书版本:3
证书编号:93107898097560507230417716763171864450
颁发机构:CN=baidu.com, OU=service operation department., O="BeiJing Baidu Netcom Science Technology Co., Ltd", L=beijing, ST=beijing, C=CN
颁发者:CN=Symantec Class 3 Secure Server CA - G4, OU=Symantec Trust Network, O=Symantec Corporation, C=US
证书开始时间:Thu Jun 29 08:00:00 CST 2017
有效期止Sat Aug 18 07:59:59 CST 2018
签名算法:SHA256withRSA
证书公钥:Sun RSA public key, 2048 bits
  modulus: 25323137083552840337680365285567518017043090966414919730000096303105755967682312323769813552357674977926071311790901498785916885340572623697449152651795616655633819732133010536056346272158177448114923609565097454266899105159641618365943100969411621107565200221975906329750261571731141551103471932326035634081065879926654235552601838588760411036371026380461155920392227877205367115276228030914150627837450889527407745620739722613899361927463903258445600960377479218000748530613238621235540743168161273988035593117250255871216377672827331013764063630321905013182462661850681425347523159355169035963541625440760510793411
  public exponent: 65537
证书签名:[B@1d9a43d7
java.net.SocketTimeoutException: connect timed out
	at java.net.DualStackPlainSocketImpl.waitForConnect(Native Method)
	at java.net.DualStackPlainSocketImpl.socketConnect(DualStackPlainSocketImpl.java:85)
	at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:339)
	at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:200)
	at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:182)
	at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:172)
	at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
	at java.net.Socket.connect(Socket.java:579)
	at sun.security.ssl.SSLSocketImpl.connect(SSLSocketImpl.java:618)
	at sun.net.NetworkClient.doConnect(NetworkClient.java:175)
	at sun.net.www.http.HttpClient.openServer(HttpClient.java:432)
	at sun.net.www.http.HttpClient.openServer(HttpClient.java:527)
	at sun.net.www.protocol.https.HttpsClient.<init>(HttpsClient.java:275)
	at sun.net.www.protocol.https.HttpsClient.New(HttpsClient.java:371)
	at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.getNewHttpClient(AbstractDelegateHttpsURLConnection.java:191)
	at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:932)
	at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:177)
	at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:153)
	at CertUtil.getCertExpired(CertUtil.java:39)
	at CertUtil.main(CertUtil.java:23)