2

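New to encryption and security, and trying to generate an X.509 certificate. "Revocation Status Unknown" error when generating an X.509 certificate in BouncyCastle

I tried the code below using the BouncyCastle API: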

X509V3CertificateGenerator certGenerator = new X509V3CertificateGenerator();
System.out.println("- ---Inside createCertificate Method----- certificate generated");
// Serial numbers should be positive and unpredictable: use SecureRandom, not Random
certGenerator.setSerialNumber(new BigInteger(63, new java.security.SecureRandom()));
certGenerator.setSubjectDN(new X509Name(dn));
certGenerator.setIssuerDN(new X509Name(issuer)); // Set issuer!
Calendar instance = Calendar.getInstance();
// generate() also requires the validity dates (setNotBefore/setNotAfter),
// the public key (setPublicKey) and the signature algorithm (setSignatureAlgorithm)
X509Certificate certificate = (X509Certificate) certGenerator.generate(
        privateKey, "BC");

I ran into an exception.

security: The OCSP support is enabled 
security: The CRL support is enabled 
security: Failing over to CRLs: Certificate does not specify OCSP responder 
security: Revocation Status Unknown 
com.sun.deploy.security.RevocationChecker$StatusUnknownException: Certificate does not specify OCSP responder 
    at com.sun.deploy.security.RevocationChecker.checkOCSP(Unknown Source) 
    at com.sun.deploy.security.RevocationChecker.check(Unknown Source) 
    at com.sun.deploy.security.TrustDecider.checkRevocationStatus(Unknown Source) 
    at com.sun.deploy.security.TrustDecider.getValidationState(Unknown Source) 
    at com.sun.deploy.security.TrustDecider.validateChain(Unknown Source) 
    at com.sun.deploy.security.TrustDecider.isAllPermissionGranted(Unknown Source) 
    at sun.plugin2.applet.Plugin2ClassLoader.isTrustedByTrustDecider(Unknown Source) 
    at sun.plugin2.applet.Plugin2ClassLoader.getTrustedCodeSources(Unknown Source) 
    at com.sun.deploy.security.CPCallbackHandler$ParentCallback.strategy(Unknown Source) 
    at com.sun.deploy.security.CPCallbackHandler$ParentCallback.openClassPathElement(Unknown Source) 
    at com.sun.deploy.security.DeployURLClassPath$JarLoader.getJarFile(Unknown Source) 
    at com.sun.deploy.security.DeployURLClassPath$JarLoader.access$1000(Unknown Source) 
    at com.sun.deploy.security.DeployURLClassPath$JarLoader$1.run(Unknown Source) 
    at java.security.AccessController.doPrivileged(Native Method) 
    at com.sun.deploy.security.DeployURLClassPath$JarLoader.ensureOpen(Unknown Source) 
    at com.sun.deploy.security.DeployURLClassPath$JarLoader.<init>(Unknown Source) 
    at com.sun.deploy.security.DeployURLClassPath$3.run(Unknown Source) 
    at java.security.AccessController.doPrivileged(Native Method) 
    at com.sun.deploy.security.DeployURLClassPath.getLoader(Unknown Source) 
    at com.sun.deploy.security.DeployURLClassPath.getLoader(Unknown Source) 
    at com.sun.deploy.security.DeployURLClassPath.getResource(Unknown Source) 
    at sun.plugin2.applet.Plugin2ClassLoader$1.run(Unknown Source) 
    at java.security.AccessController.doPrivileged(Native Method) 
    at sun.plugin2.applet.Plugin2ClassLoader.findClassHelper(Unknown Source) 
    at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source) 
    at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source) 
    at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source) 
    at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source) 
    at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source) 
    at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source) 
    at java.lang.ClassLoader.loadClass(Unknown Source) 
    at java.lang.Class.getDeclaredConstructors0(Native Method) 
    at java.lang.Class.privateGetDeclaredConstructors(Unknown Source) 
    at java.lang.Class.getConstructor0(Unknown Source) 
    at java.lang.Class.newInstance(Unknown Source) 
    at com.sun.deploy.uitoolkit.impl.awt.AWTAppletAdapter$1.run(Unknown Source) 
    at java.awt.event.InvocationEvent.dispatch(Unknown Source) 
    at java.awt.EventQueue.dispatchEventImpl(Unknown Source) 
    at java.awt.EventQueue.access$200(Unknown Source) 
    at java.awt.EventQueue$3.run(Unknown Source) 
    at java.awt.EventQueue$3.run(Unknown Source) 
    at java.security.AccessController.doPrivileged(Native Method) 
    at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source) 
    at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source) 
    at java.awt.EventQueue$4.run(Unknown Source) 
    at java.awt.EventQueue$4.run(Unknown Source) 
    at java.security.AccessController.doPrivileged(Native Method) 
    at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source) 
    at java.awt.EventQueue.dispatchEvent(Unknown Source) 
    at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source) 
    at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source) 
    at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source) 
    at java.awt.EventDispatchThread.pumpEvents(Unknown Source) 
    at java.awt.EventDispatchThread.pumpEvents(Unknown Source) 
    at java.awt.EventDispatchThread.run(Unknown Source) 
    Suppressed: com.sun.deploy.security.RevocationChecker$StatusUnknownException 
     at com.sun.deploy.security.RevocationChecker.checkCRLs(Unknown Source) 
     ... 54 more 
network: Created version ID: 1.7.0.51 
network: Created version ID: 1.7.0.51 

I tried Google and found no clue about this. Thanks for your help.

Answer

0

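Your problem has nothing to do with BouncyCastle or certificate generation. You are using a Java applet, and the Java plugin is trying to verify the JAR file's signature. But it seems that the signing certificate (or one of the certificates in the chain) does not contain a suitable extension with a CRL server or OCSP responder URL. So the signature verification fails and the JAR cannot be used.

One solution may be to deactivate certificate verification in the Java Control Center (in the "Advanced" tab, under the "Perform certificate revocation checks" option, choose not to check). Note that this is not recommended for everyday use, but it can be used for testing purposes (e.g. during development, when the applet is signed with a development/self-signed certificate).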

+0

I found the same problem when running the Java version checker on Java.com. 'https://www.java.com/en/download/installed.jsp' http://java.com:8080. Does this mean Java messed up their certificates or JARs?
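To see which certificate in a signed JAR's chain lacks the revocation pointers the answer describes, the following added example (not code from the question or the answer) lists each signer certificate and whether it carries a CRL distribution point or an OCSP responder entry. The class name `RevocationPointerCheck` and the JAR path passed as the first argument are assumptions; the OCSP check is a byte search for the id-ad-ocsp OID inside the Authority Information Access extension rather than a full ASN.1 parse.

```java
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.*;
import java.util.jar.*;

// Added example (Java 9+): report which certificates in a signed JAR's signer
// chain carry revocation pointers (CRL distribution point, OCSP responder URL).
public class RevocationPointerCheck {
    static final String CRL_DP = "2.5.29.31";        // cRLDistributionPoints
    static final String AIA = "1.3.6.1.5.5.7.1.1";   // authorityInfoAccess
    // DER encoding of the id-ad-ocsp access method OID 1.3.6.1.5.5.7.48.1
    static final byte[] OCSP_OID = {0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01};

    static boolean hasCrlPointer(X509Certificate c) {
        return c.getExtensionValue(CRL_DP) != null;
    }

    // AIA may list only caIssuers, so search it for the OCSP access method.
    // ISO-8859-1 maps bytes 1:1 to chars, which makes contains() a byte search.
    static boolean hasOcspPointer(X509Certificate c) {
        byte[] aia = c.getExtensionValue(AIA);
        return aia != null && new String(aia, StandardCharsets.ISO_8859_1)
                .contains(new String(OCSP_OID, StandardCharsets.ISO_8859_1));
    }

    public static void main(String[] args) throws Exception {
        Set<X509Certificate> seen = new LinkedHashSet<>();
        try (JarFile jar = new JarFile(args[0])) {       // args[0]: path to the signed JAR
            for (JarEntry entry : Collections.list(jar.entries())) {
                try (InputStream in = jar.getInputStream(entry)) {
                    in.readAllBytes();                   // signers are set only after a full read
                }
                Certificate[] chain = entry.getCertificates();
                if (chain == null) continue;             // unsigned entry or META-INF file
                for (Certificate c : chain) seen.add((X509Certificate) c);
            }
        }
        for (X509Certificate c : seen) {
            boolean selfSigned = c.getSubjectX500Principal().equals(c.getIssuerX500Principal());
            System.out.printf("%s%n  CRL=%b OCSP=%b selfSigned=%b%n", c.getSubjectX500Principal(),
                    hasCrlPointer(c), hasOcspPointer(c), selfSigned);
        }
    }
}
```

A certificate that prints `CRL=false OCSP=false` gives a revocation checker nothing to query, which matches the "Certificate does not specify OCSP responder" and failed CRL fallback lines in the log above.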