creating X.509 certificate programming without BouncyCastle .
I have received the certificate but I could not understand how to
create the file with correct structure like keytool utility created ?
>>
import sun.security.x509.*;
import java.security.*;
import javax.security.cert .*;
public class GenCert
{
public static void main(String[] args)throws Exception
{
CertAndKeyGen cakg = new CertAndKeyGen("RSA", "MD5WithRSA");
cakg.generate(1024);
PublicKey publicKey = cakg.getPublicKey();
System.out.println(publicKey);
PrivateKey privateKey = cakg.getPrivateKey();
System.out.println(privateKey);
X500Name name = new X500Name("One", "Two", "Three", "Four", "Five", "Six");
System.out.println(name);
X509Cert cert = cakg.getSelfCert(name, 2000000);
System.out.println("cert: "+cert);
X509Certificate certificate = X509Certificate.getInstance(cert.getSignedCert());
}
}
[951 byte] By [
konusuaa] at [2007-10-3 11:44:23]
It is clear how to sertficate has been generated, but I have not
received the certificate file yet. Keytool generates certificate after
csr and I want to take the same one. What do I have to do after lines
X509Certificate certificate =
> X509Certificate.getInstance(cert.getSignedCert()); to take my.cer ?
please help.
> It is clear how to sertficate has been generated, but
> I have not
> received the certificate file yet. Keytool generates
> certificate after
> csr and I want to take the same one. What do I have
> to do after lines
> X509Certificate certificate =
> > X509Certificate.getInstance(cert.getSignedCert());
> to take my.cer ?
> please help.
Sorry but I don't see what the code you posted has to do with this. If you are asking how to load a certificate into your program then, assuming it is an X509 certificate, then something along the lines of
CertificateFactory cf = CertificateFactory.getInstance("X.509");
Certificate cert = cf.generateCertificate(new FileInputStream(certificateFile));
RSAPublicKey pk = (RSAPublicKey)cert.getPublicKey();
I'm very sorry.
......
X500Name name = new X500Name("One", "Two", "Three", "Four", "Five", "Six");
X509Cert cert = cakg.getSelfCert(name, 2000000);
X509Certificate certificate = X509Certificate.getInstance(cert.getSignedCert());
..
after that I want to create my certificate file.
sorry,
The certificate structure is the following
cert: [
X.509v1 certificate,
Subject is CN=One, OU=Two, O=Three, L=Four, ST=Five, C=Six
Key: Sun RSA public key, 1024 bits
modulus: 153550208762159607549658382391004039185188701217980512506657304986980338833064714597601455741751557650180304361065700796283558731303619073870808641369230594533170390211390560328511965309195009659023618889042068127355104807042870321719064650378516084122122815166883075990321164053518964364975098815342956101169
public exponent: 65537 Validity <Wed Dec 06 10:54:14 MSK 2006> until <Mon Dec 18 00:40:54 MSK 2006>
Issuer is CN=One, OU=Two, O=Three, L=Four, ST=Five, C=Six
Issuer signature used MD5withRSA
Serial number =45767726
]
But System.out.println( certificate.getEncoded() ) returns the
next value>>> [B@89fbe3
Do you have any ideas?
> But System.out.println( certificate.getEncoded() )
> returns the
> next value>>> [B@89fbe3
>
> Do you have any ideas?
System.out.println( certificate.getEncoded() ) does not output the content of the byte array, just some pseudo reference to it. In any case, you don't want to write it to stdout, you need to open a FileOutputStream and write it with the streams write() method.
