如何从 Java 生成、签署和导入 SSL 证书

How to generate, sign and import SSL certificate from Java(如何从 Java 生成、签署和导入 SSL 证书)

问题描述

Possible Duplicate:
Generate certificates, public and private keys with Java

I need to generate a self signed certificates at run time, sign them and import to the Java keystore. I can do this using "keytool" and "openssl" from command line in the following way:

keytool -import -alias root -keystore keystore.txt -file cacert.pem
keytool -genkey -keyalg RSA -keysize 1024 -alias www.cia.gov -keystore keystore.txt
keytool -keystore keystore.txt -certreq -alias www.cia.gov -file req.pem
openssl x509 -req -days 3650 -in req.pem -CA cacert.pem -CAkey cakey.pem -CAcreateserial -out reqsigned.pem 
keytool -import -alias www.cia.gov -keystore keystore.txt -trustcacerts  -file reqsigned.pem

I can, of course, ship my application with keytool and openssl binaries and execute the above commands from Java, but I'm looking for a cleaner approach which would allow me to do all of the above using pure Java.

Any libraries I can use ?

Use BouncyCastle to generate certificates. I believe it also allows you to import them to Java keystore.

Also your question seems to be very similar to this one.

这篇关于如何从 Java 生成、签署和导入 SSL 证书的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持编程学习网！