Menu
Writing code to generate Digital Certificate using BouncyCastle.
Here is the essential part of code causing problem.
public X509Certificate generateCertWithKeypair(KeyPair caPair)
throws InvalidKeyException, SecurityException, SignatureException {
X509V3CertificateGenerator v3CertGen = new X509V3CertificateGenerator();
v3CertGen
.setSerialNumber(BigInteger.valueOf(System.currentTimeMillis()));
v3CertGen
.setIssuerDN(new X509Principal("CN=cn, O=o, L=L, ST=il, C= c"));
v3CertGen.setNotBefore(new Date(System.currentTimeMillis() - 1000L * 60
* 60 * 24));
v3CertGen.setNotAfter(new Date(System.currentTimeMillis()
+ (1000L * 60 * 60 * 24 * 365 * 10)));
v3CertGen
.setSubjectDN(new X509Principal("CN=cn, O=o, L=L, ST=il, C= c"));
v3CertGen.setPublicKey(caPair.getPublic());
v3CertGen.setSignatureAlgorithm("SHA1WithRSAEncryption");
X509Certificate generateX509Certificate = v3CertGen
.generateX509Certificate(caPair.getPrivate());//**here**
return generateX509Certificate;
}
Exception facing
Exception in "main" java.lang.SecurityException: BC provider not installed!
at X509V3CertificateGenerator.generateX509Certificate(Unknown Source)
at chapter4.Dupe.generateCertWithKeypair(Dupe.java:74)
at chapter4.Dupe.main(Dupe.java:32)
In search I found that the latest jar resolves the issue, But no luck.
Am I missing something ?
See Full Code Here.
219
You should "register" BC in JRE. You can do it in two ways: put bcprov.jar in $JRE/lib/ext folder and add in $JRE/lib/security/java.security line
security.provider.N=org.bouncycastle.jce.provider.BouncyCastleProvider
or put bcprov.jar in classpath, don't modify java.security, but add in code somewhere
static { Security.addProvider(new BouncyCastleProvider()); }
http://www.bouncycastle.org/wiki/display/JA1/Provider+Installation
71
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
