How to check SSL certificate expiration date programmatically in Java


How to parse the expiration date from the certificate

Cast it to an X509Certificate and call getNotAfter().

How to determine the certificate chain, e.g., the github certificate with chains

You've got it. That's what the Certificate[] array is, as it says in the Javadoc.

How did I know which certificate to get the expiration date from?

Read the Javadoc. "The peer's own certificate first followed by any certificate authorities".

However I don't know why you're doing any of this. Java should already do it all for you.

And please throw away that insecure and incorrect TrustManager implementation. The correct way to handle self-signed certificates is to import them into the client truststore. Please also throw away your insecure HostnameVerifier, and use the default one, or a secure one. Why use HTTPS at all if you don't want it to be secure?

Author by

Simon Wang

Not that professional with IT~

Updated on November 19, 2020
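
An added example (not part of the answer or of the question's code) that reads the expiry dates with certificate and hostname validation left on, using the default trust anchors or, for a self-signed server, a truststore into which its certificate was imported. The class name, the command-line arguments and the PKCS12 truststore file and password are assumptions.

```java
import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.time.Instant;
import java.time.temporal.ChronoUnit;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManagerFactory;

public class CertExpiryCheck {
    // Usage (assumed): java CertExpiryCheck <host> [truststore.p12 password]
    public static void main(String[] args) throws Exception {
        String host = args[0];
        SSLContext ctx = SSLContext.getDefault();            // JRE default trust anchors
        if (args.length == 3) {                               // self-signed cert imported into this store
            KeyStore ts = KeyStore.getInstance("PKCS12");
            try (FileInputStream in = new FileInputStream(args[1])) {
                ts.load(in, args[2].toCharArray());
            }
            TrustManagerFactory tmf =
                    TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            tmf.init(ts);
            ctx = SSLContext.getInstance("TLS");
            ctx.init(null, tmf.getTrustManagers(), null);
        }
        try (SSLSocket s = (SSLSocket) ctx.getSocketFactory().createSocket(host, 443)) {
            SSLParameters p = s.getSSLParameters();
            p.setEndpointIdentificationAlgorithm("HTTPS");   // enable hostname verification on a raw socket
            s.setSSLParameters(p);
            s.startHandshake();                               // throws if the chain is untrusted or expired
            Certificate[] chain = s.getSession().getPeerCertificates();
            for (int i = 0; i < chain.length; i++) {          // [0] is the server's own cert, then the CAs
                X509Certificate x = (X509Certificate) chain[i];
                long days = ChronoUnit.DAYS.between(Instant.now(), x.getNotAfter().toInstant());
                System.out.printf("[%d] %s notAfter=%s (%d days left)%n",
                        i, x.getSubjectX500Principal().getName(), x.getNotAfter(), days);
            }
        } catch (SSLHandshakeException e) {
            // Already expired, untrusted or wrong-host certificates end up here.
            System.out.println("Handshake rejected: " + e.getMessage());
        }
    }
}
```

A monitor would alert when the value for index 0 drops below its threshold, and treat a rejected handshake as an alert in its own right.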

Comments

  • Simon Wang over 3 years

    I need to extract the expiration date from the SSL certificate on a web site in Java. It should support both trusted and self-signed certificates, such as: 1. trusted https://github.com 2. self-signed https://mms.nw.ru/

    I already copied some code:

    import java.net.URL;
    import java.security.SecureRandom;
    import java.security.cert.Certificate;
    import java.security.cert.CertificateException;
    import java.security.cert.X509Certificate;
    import javax.net.ssl.HostnameVerifier;
    import javax.net.ssl.HttpsURLConnection;
    import javax.net.ssl.KeyManager;
    import javax.net.ssl.SSLContext;
    import javax.net.ssl.SSLSession;
    import javax.net.ssl.TrustManager;
    import javax.net.ssl.X509TrustManager;
    
    public class SSLTest {
    
        public static void main(String [] args) throws Exception {
            // configure the SSLContext with a TrustManager
            SSLContext ctx = SSLContext.getInstance("TLS");
            ctx.init(new KeyManager[0], new TrustManager[] {new DefaultTrustManager()}, new SecureRandom());
            SSLContext.setDefault(ctx);
    
            URL url = new URL("https://github.com");//https://mms.nw.ru
            HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
            conn.setHostnameVerifier(new HostnameVerifier() {
                @Override
                public boolean verify(String arg0, SSLSession arg1) {
                    return true;
                }
            });
            System.out.println(conn.getResponseCode());
            Certificate[] certs = conn.getServerCertificates();
            for (Certificate cert :certs){
                System.out.println(cert.getType());
                System.out.println(cert);
            }
    
            conn.disconnect();
        }
    
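        // Trust-all manager: both check methods are empty, so every certificate chain is accepted.
        private static class DefaultTrustManager implements X509TrustManager {
    
            @Override
            public void checkClientTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {}
    
            @Override
            public void checkServerTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {}
    
            @Override
            public X509Certificate[] getAcceptedIssuers() {
                // The X509TrustManager contract requires a non-null (possibly empty) array.
                return new X509Certificate[0];
            }
        }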
    }
    

    The questions are:

    1. How to parse the expiration date from the certificate? In my code the toString() did output the date, but it is hard to parse.

    2. How to determine the certificate chain, e.g., the github certificate with chains 3, how did I know which certificate to get the expiration date from?

  • Simon Wang over 11 years
    My application is a monitoring tool which has a function to monitor the SSL expiration date so that the customer can be notified when it will expire soon. So I do not care whether the HTTPS is secure, I just care when it will expire. What do you mean by "Java should already do it all for you."?
  • user207421 over 11 years
    @Grace I meant that if the certificate(s) have expired it will throw an SSLHandshakeException. It's hard to believe that a simple calendar entry wouldn't accomplish the purpose without writing any Java code at all.
  • Simon Wang over 11 years
    Thanks for your quick response. It's OK for me to cast from Certificate to X509Certificate. Anyway, our program aims to automatically monitor the expiration date of a certificate and will notify the admin if it will expire soon. Our application is a monitoring system just like nagios etc. That's it. You did help very much :)
  • user207421 over 11 years
    @Grace I see, have fun with it.
  • user207421 almost 6 years
    There is nothing in the question to suggest that Java didn't understand the certificate format.
  • Sorin Penteleiciuc about 3 years
    This actually helped me a lot