In Java How do you extract issued to or user from a SSL cert

Question

0

Editorial Team

Asked: June 14, 20262026-06-14T05:13:12+00:00 2026-06-14T05:13:12+00:00

In Java How do you extract issued to or user from a SSL cert

0

In Java How do you extract “issued to” or user from a SSL cert within an HttpRequest?

what I’m working with:

 Object certChain = request
    .getAttribute("javax.servlet.request.X509Certificate");
if (certChain != null)
{
  X509Certificate certs[] = (X509Certificate[]) certChain;
  X509Certificate cert = certs[0];
  String user = cert.getSubjectDN().getName();
}

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-06-14T05:13:13+00:00

Here’s the code to extract the “Issued To” aka Subject for a cert within an httprequest,

import java.security.cert.X509Certificate;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;

X509Certificate[] certs = (X509Certificate[])request.getAttribute("javax.servlet.request.X509Certificate");
if ((certs == null) || (certs.length == 0)) {
   return null;
}

String name = certs[0].getSubjectX500Principal().getName(); // if you are looking for issuer then use cert[0].getIssuerX500Principal().getName();
LdapName ldapName = null;
try {
   ldapName = new LdapName(name);
} catch (InvalidNameException e) {
   throw new RuntimeException(e);
}

for (Rdn rdn : ldapName.getRdns()) {
   String type = rdn.getType();
   if ("CN".equals(type)) { 
        String issuedTo = (String)rdn.getValue();
   }
}

JDK 6 has the API getSubjectX500Prinicpal() in it’s rt.jar locally, not sure about the previous versions,
enter image description here

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

In Java How do you extract issued to or user from a SSL cert

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply