SecurityException：未提供BC提供程序

Question

使用BouncyCastle编写生成数字证书的代码。

以下是导致问题的代码的重要部分。

public X509Certificate generateCertWithKeypair(KeyPair caPair) 
      throws InvalidKeyException, SecurityException, SignatureException { 
     X509V3CertificateGenerator v3CertGen = new X509V3CertificateGenerator(); 
     v3CertGen 
       .setSerialNumber(BigInteger.valueOf(System.currentTimeMillis())); 
     v3CertGen 
       .setIssuerDN(new X509Principal("CN=cn, O=o, L=L, ST=il, C= c")); 
     v3CertGen.setNotBefore(new Date(System.currentTimeMillis() - 1000L * 60 
       * 60 * 24)); 
     v3CertGen.setNotAfter(new Date(System.currentTimeMillis() 
       + (1000L * 60 * 60 * 24 * 365 * 10))); 
     v3CertGen 
       .setSubjectDN(new X509Principal("CN=cn, O=o, L=L, ST=il, C= c")); 
     v3CertGen.setPublicKey(caPair.getPublic()); 
     v3CertGen.setSignatureAlgorithm("SHA1WithRSAEncryption"); 
     X509Certificate generateX509Certificate = v3CertGen 
       .generateX509Certificate(caPair.getPrivate());//**here** 
     return generateX509Certificate; 
    } 

异常面临

Exception in "main" java.lang.SecurityException: BC provider not installed! 
    at X509V3CertificateGenerator.generateX509Certificate(Unknown Source) 
    at chapter4.Dupe.generateCertWithKeypair(Dupe.java:74) 
    at chapter4.Dupe.main(Dupe.java:32) 

在搜索我found，最新的罐子可以解决问题，但没有运气。

我错过了什么吗？

See Full Code Here.

Answer 1

你应该在JRE “注册” BC。你可以这样做有两种方式：把bcprov.jar在$ JRE/lib/ext目录文件夹，并添加$JRE/lib/security/java.security线

security.provider.N = org.bouncycastle.jce.provider.BouncyCastleProvider

或在classpath中放bcprov.jar，不要修改java.security，但在添加代码的地方

static { Security.addProvider(new BouncyCastleProvider()); } 

http://www.bouncycastle.org/wiki/display/JA1/Provider+Installation