List of usage examples for org.bouncycastle.x509 X509V3CertificateGenerator setNotAfter
public void setNotAfter(Date date)
From source file:utils.Utils.java
License:Apache License
/** * Generate a sample V1 certificate to use as a CA root certificate */// www . j av a 2s. c o m public static X509Certificate generateRootCert(KeyPair pair, Config config) throws Exception { X509V3CertificateGenerator certGen = new X509V3CertificateGenerator(); certGen.setSerialNumber(BigInteger.valueOf(1)); certGen.setIssuerDN(new X509Name("CN=Test CA Certificate")); certGen.setNotBefore(new Date(System.currentTimeMillis())); certGen.setNotAfter(new Date(System.currentTimeMillis() + VALIDITY_PERIOD)); certGen.setSubjectDN(new X509Name("CN=Test CA Certificate")); certGen.setPublicKey(pair.getPublic()); if (config == null) { certGen.setSignatureAlgorithm("SHA1WithRSAEncryption"); } else { String name = "SHA1WithRSAEncryption"; certGen.setSignatureAlgorithm(name); } return certGen.generate(pair.getPrivate(), "BC"); }
From source file:utils.Utils.java
License:Apache License
/** * Generate a sample V3 certificate to use as an intermediate CA certificate *//* w w w . j a v a 2 s . c om*/ public static X509Certificate generateIntermediateCert(PublicKey intKey, PrivateKey caKey, X509Certificate caCert) throws Exception { X509V3CertificateGenerator certGen = new X509V3CertificateGenerator(); certGen.setSerialNumber(BigInteger.valueOf(1)); certGen.setIssuerDN(new X509Name(caCert.getSubjectX500Principal().getName())); certGen.setNotBefore(new Date(System.currentTimeMillis())); certGen.setNotAfter(new Date(System.currentTimeMillis() + VALIDITY_PERIOD)); certGen.setSubjectDN(new X509Name(new X500Principal("CN=Test Intermediate Certificate").getName())); certGen.setPublicKey(intKey); certGen.setSignatureAlgorithm("SHA1WithRSAEncryption"); certGen.addExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(caCert)); certGen.addExtension(X509Extensions.SubjectKeyIdentifier, false, new SubjectKeyIdentifierStructure(intKey)); certGen.addExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(0)); certGen.addExtension(X509Extensions.KeyUsage, true, new org.bouncycastle.asn1.x509.KeyUsage(org.bouncycastle.asn1.x509.KeyUsage.digitalSignature | org.bouncycastle.asn1.x509.KeyUsage.keyCertSign | KeyUsage.cRLSign)); return certGen.generate(caKey, "BC"); }
From source file:utils.Utils.java
License:Apache License
/** * Generate a sample V3 certificate to use as an end entity certificate *//*from w w w . j a va 2 s .c o m*/ public static X509Certificate generateEndEntityCert(PublicKey entityKey, PrivateKey caKey, X509Certificate caCert, Config config) throws Exception { X509V3CertificateGenerator certGen = new X509V3CertificateGenerator(); certGen.setSerialNumber(BigInteger.valueOf(1)); certGen.setIssuerDN(new X509Name(caCert.getSubjectX500Principal().getName())); certGen.setNotBefore(new Date(System.currentTimeMillis())); certGen.setNotAfter(new Date(System.currentTimeMillis() + VALIDITY_PERIOD)); certGen.setSubjectDN(new X509Name(new X500Principal("CN=Test End Certificate").getName())); certGen.setPublicKey(entityKey); if (config.getHash() == 0) certGen.setSignatureAlgorithm("SHA1WithRSAEncryption"); else certGen.setSignatureAlgorithm("MD5WithRSAEncryption"); certGen.addExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(caCert)); certGen.addExtension(X509Extensions.SubjectKeyIdentifier, false, new SubjectKeyIdentifierStructure(entityKey)); certGen.addExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(false)); certGen.addExtension(X509Extensions.KeyUsage, true, new org.bouncycastle.asn1.x509.KeyUsage(org.bouncycastle.asn1.x509.KeyUsage.digitalSignature | org.bouncycastle.asn1.x509.KeyUsage.keyEncipherment)); return certGen.generate(caKey, "BC"); }