-1
如何使用java代码从存在密钥库生成csr?如何使用java从存在密钥库生成csr
功能影响将是(但genearate文件)
的keytool -certreq -alias certificate_alias -keystore jssecacerts -storepass -file的changeit的client.csr
我刚刚发现的相同“Generating a Certificate Signing Request using Java API”
但是我已经有了X.509证书,该如何使用此证书在java中生成csr?
KeyStore ts = KeyStore.getInstance("JKS");
FileInputStream is = new FileInputStream(trustStoreFileName);
ts.load(is, trustStorePassword.toCharArray());
is.close();
X509Certificate x509Cert = (X509Certificate)ts.getCertificate("certificate_alias");
如何使用上述信息生成CSR?
我只是解决了吧〜
分享我所有的代码生成,从存在的证书CSR。
KeyStore ks = KeyStore.getInstance("JKS");
FileInputStream is = new FileInputStream(trustStoreFileName);
ks.load(is, trustStorePassword.toCharArray());
is.close();
X509Certificate x509Cert = (X509Certificate)ks.getCertificate("certificate_alias");
X500Principal principal = x509Cert.getSubjectX500Principal();
X500Name x500Name = new X500Name(principal.getName());
PublicKey publicKey = x509Cert.getPublicKey();
PrivateKey privateKey = (PrivateKey) ks.getKey("certificate_alias", trustStorePassword.toCharArray());
String sigAlg = x509Cert.getSigAlgName();
PKCS10 pkcs10 = new PKCS10(publicKey);
Signature signature = Signature.getInstance(sigAlg);
signature.initSign(privateKey);
pkcs10.encodeAndSign(new X500Signer(signature, x500Name));
ByteArrayOutputStream bs = new ByteArrayOutputStream();
PrintStream ps = new PrintStream(bs);
pkcs10.print(ps);
byte[] c = bs.toByteArray();
try {
if (ps != null)
ps.close();
if (bs != null)
bs.close();
} catch (Throwable th) {
}
您*从现有的密钥库生成CSR。您无法从证书生成CSR,因为它没有私钥。你的问题没有意义。 – EJP
感谢您的回答,我解决了它〜 – RoyHSIEH