/**
 * Checks if server cert on remote end is ok (i.e. not expired,
 * not self-signed.) Takes a hostname and port:
 *
 * java CertChecker <host> <port>
*/

import javax.net.ssl.*;

public class CertChecker {
  public static void main( String [] args ) {
	String host = args[ 0 ];
	int port = Integer.parseInt( args[ 1 ] );

	try {
		SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
		SSLSocket socket = (SSLSocket) factory.createSocket(host, port);
		socket.startHandshake();
		System.out.println( "Valid" );
	} catch( SSLPeerUnverifiedException e ) {
		System.out.println( "Invalid" );
	} catch( Exception e ) {
		e.printStackTrace();
	}
  }
}