使用Java读取X.509证书 [英] Reading an X.509 certificate with Java
问题描述
我试图使用Java来读取我从外部方收到的证书。代码抛出以下错误:
java.lang.RuntimeException:java.security.cert.CertificateException:无法初始化,java。 io.IOException:向DerValue构造函数提供的额外数据
代码:
FileInputStream ksfis = new FileInputStream(this.getCertificateFile());
ksbufin = new BufferedInputStream(ksfis);
certificate =(X509Certificate)
CertificateFactory.getInstance(X.509)。generateCertificate(ksbufin);
为了确保问题不在代码中,我创建了一个自签名证书,并使用它与代码,它工作正常。我已经在系统密钥链中安装了两个证书,它们都是有效的。我使用的是Mac和Java 1.6。
当我加载外部Party证书时,为什么我得到上述异常?你认为在转移期间被损坏了吗?
尝试使用openssl键入,然后导入结果:
openssl x509 -outform der -in certificate.pem -out certificate.der
或使用轻量级API中的Java Bouncy Castle功能:
http://www.bouncycastle.org/docs/pkixdocs1.5on/org /bouncycastle/openssl/PEMReader.html
您可以再次对结果进行编码,然后使用Java中的默认CertificateBuilder来获取JCE定义的证书。 p>
I am trying to use Java to read a certificate that I received from an external party. The code is throwing the following error:
java.lang.RuntimeException: java.security.cert.CertificateException: Unable to initialize, java.io.IOException: extra data given to DerValue constructor
The code:
FileInputStream ksfis = new FileInputStream(this.getCertificateFile());
ksbufin = new BufferedInputStream(ksfis);
certificate = (X509Certificate)
CertificateFactory.getInstance("X.509").generateCertificate(ksbufin);
To make sure the problem was not in the code, I created a self-signed certificate and used it with the code, and it worked fine. I have installed both certificates in the system key chain, and they both are valid. I am using a Mac and Java 1.6.
Any idea why I get the above exception when I load the external Party certificate? Do you think it got corrupted during transfer? If it did, it should not show up as valid on the local system, right?
Try to type this using openssl, and then import the result:
openssl x509 -outform der -in certificate.pem -out certificate.der
or use the Java Bouncy Castle functionality in the lightweight API:
http://www.bouncycastle.org/docs/pkixdocs1.5on/org/bouncycastle/openssl/PEMReader.html
You may encode the result again and then use the default CertificateBuilder in Java to get a JCE defined certificate.
这篇关于使用Java读取X.509证书的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
