使用BouncyCastle API生成CSR [英] Generating the CSR using BouncyCastle API
问题描述
我是Java的安全方面的新人,偶然在这个图书馆叫bouncycastle。但是他们提供的示例和互联网上的示例请求使用 -
I am new to the security side of Java and stumbled across this library called bouncycastle. But the examples that they provide and the ones out on internet ask to use --
return new PKCS10CertificationRequest("SHA256withRSA", new X500Principal(
"CN=Requested Test Certificate"), pair.getPublic(), null, pair.getPrivate()
但是当我使用PKCS10CertificationRequest时,它看起来像是被弃用的。所以我开始看另一个使用CertificationRequest类的方法,但我真的很困惑,构造函数不采用相同的参数,
But when I use PKCS10CertificationRequest, it looks like it is deprecated. So I started looking at another method where I use CertificationRequest class. But I am really confused, the constructor does not take the same parameters instead it takes CertificationRequestInfo class which I am not sure how to fill up.
CertificationRequest request = new CertificationRequest(...);
如果有人能帮我找出如何制作CSR,
It would be awesome if someone could help me figure out how to make a CSR so that I can send it to the server for getting it signed.
感谢,
推荐答案
最近版本的BouncyCastle建议使用 org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder
类创建CSR。
With the recent versions of BouncyCastle it is recommended to create the CSR using the org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder
class.
您可以使用此代码snipppet:
You can use this code snipppet:
KeyPair pair = generateKeyPair();
PKCS10CertificationRequestBuilder p10Builder = new JcaPKCS10CertificationRequestBuilder(
new X500Principal("CN=Requested Test Certificate"), pair.getPublic());
JcaContentSignerBuilder csBuilder = new JcaContentSignerBuilder("SHA256withRSA");
ContentSigner signer = csBuilder.build(pair.getPrivate());
PKCS10CertificationRequest csr = p10Builder.build(signer);
这篇关于使用BouncyCastle API生成CSR的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!