HTTPS Client in JAVA

HttpsClient.java

cat << EOF > HttpsClient.java
// purpose; connecto to an HTTPS site and display certificate chain, validity, owner, issuer, SNI

import java.net.MalformedURLException;
import java.net.URL;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.security.cert.*;
import java.io.*;
import java.util.*;

import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLPeerUnverifiedException;

public class HttpsClient {

    public static void main(String[] args) throws Exception{

        if (args.length != 1) {
            System.out.println("Usage: "+HttpsClient.class.getName()+" <host>");
            System.exit(1);
        }

        URL url;
        try {

            url = new URL(args[0]);
            HttpsURLConnection con = (HttpsURLConnection)url.openConnection();

            System.out.println("Response Code : " + con.getResponseCode());
            System.out.println("Cipher Suite : " + con.getCipherSuite());
            System.out.println("\n");

            Certificate[] certs = con.getServerCertificates();
            for(Certificate cert : certs){
                // System.out.println("Cert Type : " + cert.getType());
                // System.out.println("Cert Hash Code : " + cert.hashCode());
                // System.out.println("Cert Public Key Algorithm : " + cert.getPublicKey().getAlgorithm());
                // System.out.println("Cert Public Key Format : " + cert.getPublicKey().getFormat());
                // System.out.println("Cert Public Key : " + cert.getPublicKey());

                System.out.println("Valid from: " + ((X509Certificate)cert).getNotBefore() + " until: " + ((X509Certificate)cert).getNotAfter());
                System.out.println("Owner: " + ((X509Certificate)cert).getSubjectX500Principal());
                System.out.println("Issuer: " + ((X509Certificate)cert).getIssuerX500Principal());
                System.out.println("SNI: " + ((X509Certificate)cert).getSubjectAlternativeNames());

                if(cert instanceof X509Certificate) {
                    try {
                        ( (X509Certificate) cert).checkValidity();
                        System.out.println("Certificate is active for current date");
                    } catch(CertificateExpiredException cee) {
                        System.out.println("Certificate is expired");
                    } catch(CertificateNotYetValidException cnyv) {
                        System.out.println("Certificate not yet valid");

                    }
                }

                System.out.println("\n");
            }

        } catch (MalformedURLException e) {
            e.printStackTrace();
        } catch (IOException e) {
            e.printStackTrace();
        } catch (Exception e) {
            e.printStackTrace();
        }

    }

}
EOF
$ javac HttpsClient.java 



$ java HttpsClient "https://docs.oracle.com/en/"
Response Code : 200
Cipher Suite : TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384


Valid from: Sun Apr 28 00:00:00 UTC 2019 until: Mon Jul 27 12:00:00 UTC 2020
Owner: CN=www-ww.oracle.com, O=Oracle Corporation, L=Redwood Shores, ST=California, C=US
Issuer: CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US
SNI: [[2, www-ww.oracle.com], [2, docs.oracle.com], [2, cloud.oracle.com]]
Certificate is active for current date


Valid from: Fri Mar 08 12:00:00 UTC 2013 until: Wed Mar 08 12:00:00 UTC 2023
Owner: CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US
Issuer: CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
SNI: null
Certificate is active for current date