如何从Java生成,签名和导入SSL证书 [英] How to generate, sign and import SSL certificate from Java
问题描述
可能重复:
使用Java生成证书,公钥和私钥
我需要在运行时生成自签名证书,签名并导入到Java密钥库。我可以通过以下方式使用命令行中的keytool和openssl:
I need to generate a self signed certificates at run time, sign them and import to the Java keystore. I can do this using "keytool" and "openssl" from command line in the following way:
keytool -import -alias root -keystore keystore.txt -file cacert.pem
keytool -genkey -keyalg RSA -keysize 1024 -alias www.cia.gov -keystore keystore.txt
keytool -keystore keystore.txt -certreq -alias www.cia.gov -file req.pem
openssl x509 -req -days 3650 -in req.pem -CA cacert.pem -CAkey cakey.pem -CAcreateserial -out reqsigned.pem
keytool -import -alias www.cia.gov -keystore keystore.txt -trustcacerts -file reqsigned.pem
当然,把我的应用程序与keytool和openssl二进制文件和执行上述命令从Java,但我正在寻找一个更清洁的方法,这将允许我使用纯Java做上述所有。
I can, of course, ship my application with keytool and openssl binaries and execute the above commands from Java, but I'm looking for a cleaner approach which would allow me to do all of the above using pure Java.
任何可以使用的库?
推荐答案
使用 BouncyCastle 生成证书。我相信它也允许您将它们导入到Java密钥库。
Use BouncyCastle to generate certificates. I believe it also allows you to import them to Java keystore.
此外,您的问题似乎非常类似于这一个。
Also your question seems to be very similar to this one.
这篇关于如何从Java生成,签名和导入SSL证书的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!