Java KeyPairGenerator generate certificate

Description

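This example uses KeyPairGenerator to create an RSA key pair, builds a self-signed X.509 certificate for it, and writes the certificate to a .cer file, a key store and a trust store. It relies on the JDK-internal sun.security.x509 classes, which are not a supported public API.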

import java.io.FileOutputStream;
import java.math.BigInteger;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.util.Date;

import sun.security.x509.AlgorithmId;
import sun.security.x509.CertificateAlgorithmId;
import sun.security.x509.CertificateIssuerName;
import sun.security.x509.CertificateSerialNumber;
import sun.security.x509.CertificateSubjectName;
import sun.security.x509.CertificateValidity;
import sun.security.x509.CertificateVersion;
import sun.security.x509.CertificateX509Key;
import sun.security.x509.X500Name;
import sun.security.x509.X509CertImpl;
import sun.security.x509.X509CertInfo;

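/**
 * Demonstrates creating a self-signed X.509 v3 certificate from a freshly
 * generated RSA key pair.
 *
 * <p>Three files are written to the current working directory:
 * <ul>
 *   <li>{@code c.cer} - the encoded certificate,</li>
 *   <li>{@code c.jks} - a key store holding the private key and its chain,</li>
 *   <li>{@code c.ts}  - a trust store holding only the certificate.</li>
 * </ul>
 *
 * <p>NOTE(review): the certificate is assembled with {@code sun.security.x509}
 * classes. These are JDK internals rather than a supported API, so this code
 * may need extra compiler/runtime flags or stop compiling on newer JDKs -
 * confirm against the JDK you target.
 */
public class Main {
   /**
    * Generates the key pair and certificate and writes the output files.
    * Any failure is reported by printing the stack trace.
    *
    * @param args ignored
    */
   public static void main(String args[]) {
      try {
         // SHA-256 replaces SHA-1 for the signature: SHA-1 is collision-prone
         // and SHA-1-signed certificates are rejected by current validators.
         String enAlg = "RSA", sigAlg = "SHA256with" + enAlg;
         SecureRandom rng = new SecureRandom();
         KeyPairGenerator kpg = KeyPairGenerator.getInstance(enAlg);
         // Fix the modulus size explicitly; the provider default varies by
         // JDK release and has been as small as 1024 bits.
         kpg.initialize(2048, rng);
         KeyPair kp = kpg.generateKeyPair();
         PrivateKey priv = kp.getPrivate();

         X509CertInfo ci = new X509CertInfo();
         // populate certificate info
         ci.set(X509CertInfo.VERSION, new CertificateVersion(CertificateVersion.V3));
         // Random 64-bit serial number drawn from the CSPRNG.
         BigInteger sn = new BigInteger(64, rng);
         ci.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber(sn));
         String dn = "CN=myName, OU=myOU, O=myO, L=MyL, S=myS, C=myC";
         X500Name issuer = new X500Name(dn);
         ci.set(X509CertInfo.ISSUER, new CertificateIssuerName(issuer));
         // Valid from now for 365 days; the long literal keeps the
         // millisecond arithmetic out of int range.
         Date from = new Date();
         Date to = new Date(from.getTime() + 365L * 24 * 60 * 60 * 1000);
         CertificateValidity duration = new CertificateValidity(from, to);
         ci.set(X509CertInfo.VALIDITY, duration);
         // Self-signed: subject and issuer are the same name.
         ci.set(X509CertInfo.SUBJECT, new CertificateSubjectName(issuer));
         ci.set(X509CertInfo.KEY, new CertificateX509Key(kp.getPublic()));
         // Derive the algorithm identifier from sigAlg so the value recorded
         // in the certificate info cannot drift from the one used to sign.
         AlgorithmId aid = AlgorithmId.get(sigAlg);
         ci.set(X509CertInfo.ALGORITHM_ID, new CertificateAlgorithmId(aid));

         X509CertImpl cert = new X509CertImpl(ci);
         // self sign
         cert.sign(priv, sigAlg);

         // try-with-resources closes each stream even when a write fails.
         try (FileOutputStream os = new FileOutputStream("c.cer")) {
            os.write(cert.getEncoded());
         }

         // Demo password only: a literal in source ends up in the class file
         // and in version control. Supply the real password at run time and
         // restrict file permissions on c.jks, which holds the private key.
         char[] password = "123456".toCharArray();

         KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
         ks.load(null, password);
         java.security.cert.Certificate[] chain = { cert };
         ks.setKeyEntry("abc", priv, password, chain);
         try (FileOutputStream fos = new FileOutputStream("c.jks")) {
            ks.store(fos, password);
         }

         // Trust store: certificate only, no private key.
         KeyStore ts = KeyStore.getInstance(KeyStore.getDefaultType());
         ts.load(null, password);
         ts.setCertificateEntry("abc", cert);
         try (FileOutputStream fos1 = new FileOutputStream("c.ts")) {
            ts.store(fos1, password);
         }
      } catch (Exception e) {
         e.printStackTrace();
      }
   }
}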


