使用BouncyCastle API生成CSR [英] Generating the CSR using BouncyCastle API

问题描述

我是Java的安全方面的新人，偶然在这个图书馆叫bouncycastle。但是他们提供的示例和互联网上的示例请求使用 -

I am new to the security side of Java and stumbled across this library called bouncycastle. But the examples that they provide and the ones out on internet ask to use --

     return new PKCS10CertificationRequest("SHA256withRSA", new X500Principal(
    "CN=Requested Test Certificate"), pair.getPublic(), null, pair.getPrivate()

但是当我使用PKCS10CertificationRequest时，它看起来像是被弃用的。所以我开始看另一个使用CertificationRequest类的方法，但我真的很困惑，构造函数不采用相同的参数，

But when I use PKCS10CertificationRequest, it looks like it is deprecated. So I started looking at another method where I use CertificationRequest class. But I am really confused, the constructor does not take the same parameters instead it takes CertificationRequestInfo class which I am not sure how to fill up.

    CertificationRequest request = new CertificationRequest(...);

如果有人能帮我找出如何制作CSR，

It would be awesome if someone could help me figure out how to make a CSR so that I can send it to the server for getting it signed.

感谢，

推荐答案

最近版本的BouncyCastle建议使用 org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder 类创建CSR。

With the recent versions of BouncyCastle it is recommended to create the CSR using the org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder class.

您可以使用此代码snipppet：

You can use this code snipppet:

KeyPair pair = generateKeyPair();
PKCS10CertificationRequestBuilder p10Builder = new JcaPKCS10CertificationRequestBuilder(
    new X500Principal("CN=Requested Test Certificate"), pair.getPublic());
JcaContentSignerBuilder csBuilder = new JcaContentSignerBuilder("SHA256withRSA");
ContentSigner signer = csBuilder.build(pair.getPrivate());
PKCS10CertificationRequest csr = p10Builder.build(signer);

这篇关于使用BouncyCastle API生成CSR的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！