- String s = aliases.nextElement();
- if (ks.entryInstanceOf(s, KeyStore.PrivateKeyEntry.class)) {
- X509Certificate c = (X509Certificate) ks.getCertificate(s);
- if (c != null) {
- String subject = c.getSubjectX500Principal().getName();
- String[] parts = subject.split(",");
- if (parts.length < 1) {
- return null;
- }
- subject = parts[5].trim();
- if (!subject.startsWith("CN=")) {
- return null;
+ String alias = aliases.nextElement();
+ if (ks.entryInstanceOf(alias, KeyStore.PrivateKeyEntry.class)) {
+ X509Certificate cert = (X509Certificate) ks.getCertificate(alias);
+ if (cert != null) {
+ String subject = cert.getSubjectX500Principal().getName();
+ try {
+ LdapName ln = new LdapName(subject);
+ for (Rdn rdn : ln.getRdns()) {
+ if (rdn.getType().equalsIgnoreCase("CN")) {
+ return rdn.getValue().toString();
+ }
+ }
+ } catch (InvalidNameException e) {
+ eelfLogger.error("No valid CN not found for dr-node cert", e);