2014-10-11 336 views

回答

3

通常一個.pfxpkcs12其保存公鑰,私鑰對的密鑰庫。此外,如果您在鏈接示例中使用帶有公共證書的RSA密鑰對,通常此證書必須由證書頒發機構頒發,無論如何,我認爲您嘗試保存自簽名證書,爲此,您必須使用java.security.KeyStore類不是FileOutputStream直接,我給你一個例子:

import java.io.FileOutputStream; 
import java.security.KeyStore; 
import java.security.cert.X509Certificate; 

.... 

X509Certificate cert = // your certificate... 
// generate a keystore instance 
KeyStore ks = KeyStore.getInstance("PKCS12"); 
// save your cert inside the keystore 
ks.setCertificateEntry("YourCertAlias", cert); 
// create the outputstream to store the keystore 
FileOutputStream fos = new FileOutputStream("/your_path/keystore.pfx"); 
// store the keystore protected with password 
ks.store(fos, "yourPassword".toCharArray()); 

.... 

正如我在您存儲密鑰對的密鑰庫通常說,正常使用:setKeyEntry(String alias, byte[] key, Certificate[] chain)setKeyEntry(String alias, Key key, char[] password, Certificate[] chain)但是與上面的代碼,你可以存儲證書在密鑰庫中用密碼保護它。欲瞭解更多信息,請看:java keystore api

希望這有助於

-1

我有我的答案是:

KeyPair pair = generateRSAKeyPair(); 
    X509Certificate cert = generateV3Certificate(pair); 
    KeyStore ks = KeyStore.getInstance("PKCS12", "BC"); 
    char[] password = "abc".toCharArray(); 
    ks.load(null,null); 
    ks.setCertificateEntry(cert.getSerialNumber().toString(), cert); 
    ks.setKeyEntry(cert.getSerialNumber().toString(), pair.getPrivate(), password, new Certificate[]{cert,cert}); 
    FileOutputStream fos = new FileOutputStream("keystore.pfx"); 
    ks.store(fos, password); 
    fos.close(); 
相關問題