According to X.509, you can create certificates with either RSA or DSA key pairs. But only RSA key pairs are capable of exchanging keys when starting a new SSL connection with a SSL server. You can only use RSA key pairs as your server certificates. On the other hand, CAs do not have to exchange keys. They only issue other certificates. You can use either RSA or DSA key pair as your CAs. But, some SSL programs do not support the DSA algorithm yet.
Sometimes u need check certificate valid date on server. U can do this in java simple: