-1
如何使用java代碼從存在密鑰庫生成csr?如何使用java從存在密鑰庫生成csr
功能影響將是(但genearate文件)
的keytool -certreq -alias certificate_alias -keystore jssecacerts -storepass -file的changeit的client.csr
我剛剛發現的相同「Generating a Certificate Signing Request using Java API」
但是我已經有了X.509證書,該如何使用此證書在java中生成csr?
KeyStore ts = KeyStore.getInstance("JKS");
FileInputStream is = new FileInputStream(trustStoreFileName);
ts.load(is, trustStorePassword.toCharArray());
is.close();
X509Certificate x509Cert = (X509Certificate)ts.getCertificate("certificate_alias");
如何使用上述信息生成CSR?
我只是解決了吧〜
分享我所有的代碼生成,從存在的證書CSR。
KeyStore ks = KeyStore.getInstance("JKS");
FileInputStream is = new FileInputStream(trustStoreFileName);
ks.load(is, trustStorePassword.toCharArray());
is.close();
X509Certificate x509Cert = (X509Certificate)ks.getCertificate("certificate_alias");
X500Principal principal = x509Cert.getSubjectX500Principal();
X500Name x500Name = new X500Name(principal.getName());
PublicKey publicKey = x509Cert.getPublicKey();
PrivateKey privateKey = (PrivateKey) ks.getKey("certificate_alias", trustStorePassword.toCharArray());
String sigAlg = x509Cert.getSigAlgName();
PKCS10 pkcs10 = new PKCS10(publicKey);
Signature signature = Signature.getInstance(sigAlg);
signature.initSign(privateKey);
pkcs10.encodeAndSign(new X500Signer(signature, x500Name));
ByteArrayOutputStream bs = new ByteArrayOutputStream();
PrintStream ps = new PrintStream(bs);
pkcs10.print(ps);
byte[] c = bs.toByteArray();
try {
if (ps != null)
ps.close();
if (bs != null)
bs.close();
} catch (Throwable th) {
}
您*從現有的密鑰庫生成CSR。您無法從證書生成CSR,因爲它沒有私鑰。你的問題沒有意義。 – EJP
感謝您的回答,我解決了它〜 – RoyHSIEH