Generate certificates, public and private keys with Java [closed]

Tags:

I'm looking for a java library or code to generate certificates, public and private keys on the fly without to use third party programs (such as openssl).

I think something that is doeing keytool+openssl but from Java code.

Consider a java servlet based web application secured with ssl and client authentification. I want the servlet container generate client certificates (eg. pkcs12 format) on request only with Java code.

645

asked May 29 '09 10:05

PeterMmm

1 Answers

You can generate Certificate in java dynamically, by using a pair or keys. (Public Key, Private Keys). Get These keys as BigInteger format and checking the following code to generate certificate.

RSAPrivateKeySpec serPrivateSpec = new RSAPrivateKeySpec(
    new BigInteger(val of pub key), new BigInteger(val of pri key));
fact = KeyFactory.getInstance("RSA");
PrivateKey serverPrivateKey = fact.generatePrivate(serPrivateSpec);

RSAPublicKeySpec serPublicSpec = new RSAPublicKeySpec(
    new BigInteger(agentCL.getSerPubMod()), new BigInteger(agentCL.getSerPubExp()));
PublicKey serverPublicKey = fact.generatePublic(serPublicSpec);

keyStore = KeyStore.getInstance(IMXAgentCL.STORE_TYPE);
keyStore.load(null, SOMEPWD.toCharArray());

Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());

X509Certificate[] serverChain = new X509Certificate[1];
X509V3CertificateGenerator serverCertGen = new X509V3CertificateGenerator();
X500Principal serverSubjectName = new X500Principal("CN=OrganizationName");
serverCertGen.setSerialNumber(new BigInteger("123456789"));
// X509Certificate caCert=null;
serverCertGen.setIssuerDN(somename);
serverCertGen.setNotBefore(new Date());
serverCertGen.setNotAfter(new Date());
serverCertGen.setSubjectDN(somename);
serverCertGen.setPublicKey(serverPublicKey);
serverCertGen.setSignatureAlgorithm("MD5WithRSA");
// certGen.addExtension(X509Extensions.AuthorityKeyIdentifier, false,new
// AuthorityKeyIdentifierStructure(caCert));
serverCertGen.addExtension(X509Extensions.SubjectKeyIdentifier, false,
    new SubjectKeyIdentifierStructure(serverPublicKey));
serverChain[0] = serverCertGen.generateX509Certificate(serverPrivateKey, "BC"); // note: private key of CA

keyStore.setEntry("xyz",
    new KeyStore.PrivateKeyEntry(serverPrivateKey, serverChain),
    new KeyStore.PasswordProtection("".toCharArray()));

Hope this will help you.

answered Sep 30 '22 18:09

Sekhar

Related questions
                            
                                Maven-shade-plugin, uber-jar and overlapping classes [duplicate]
                            
                                Why is the exception stack trace not logged in? [duplicate]
                            
                                How is concurrency in Spring AMQP Listener Container implemented?
                            
                                Spring Integration and TCP server socket - how can I send a message to a client?
                            
                                Shutdown netty programmatically
                            
                                Why am i seeing lots of sockets in CLOSE_WAIT status when webservice stops working?
                            
                                Which part of the equals() general contract does my equals() not satisfy
                            
                                Apache HttpClient: setConnectTimeout() vs. setConnectionTimeToLive() vs. setSocketTimeout()
                            
                                Can class name be excluded from Lombok @ToString?
                            
                                SpringBoot doesn't recognize RestController from another module in multi module Java application
                            
                                Gradle disable all incremental compilation and parallel builds
                            
                                ArrayList using addAll() compiler shows different behavior with generics [duplicate]
                            
                                What dependency is missing when I get java.lang.NoClassDefFoundError: javax/ws/rs/client/RxInvokerProvider error?
                            
                                Eclipse/javac disagree on compiling signature with default method collision; who is right?
                            
                                Maven ear plugin - "doubled" artifact when not using clean
                            
                                Cannot construct instance of `class name` (although at least on Creator exists)
                            
                                Why does Java application fail to run on Windows if jar file has L-attribute/reparse point
                            
                                Java Desktop application framework [closed]
                            
                                How to disable Java security manager?
                            
                                better way for dynamic forms with Spring?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!

Donate Us With

Generate certificates, public and private keys with Java [closed]

Tags:

java

ssl

openssl

keytool

PeterMmm

People also ask

1 Answers

Sekhar

Recent Activity

Donate For Us