Beispiel #1
0
 /**
  * Step 6,生成证书请求
  *
  * @throws KeyPairException
  * @throws CertificateException
  * @throws StorageException
  */
 public void createServerCSR() throws KeyPairException, CertificateException, StorageException {
   PEMFileStore<KeyPair> serverkeystore = new PEMFileStore<KeyPair>("D:\\certs\\server.key");
   PEMFileStore<PKCS10CertificationRequest> serverrequeststore =
       new PEMFileStore<PKCS10CertificationRequest>("D:\\certs\\server.req");
   KeyPair keypair = KeyPairManager.generateRSAKeyPair();
   serverkeystore.save(keypair, null);
   X509Attrs principals = new X509Attrs();
   principals.setCommonName("*.zijincaifu.com");
   principals.setCountryCode("CN");
   PKCS10CertificationRequest csr = CSRManager.generateCSR(keypair, principals);
   serverrequeststore.save(csr, null);
 }
Beispiel #2
0
 /**
  * Step 3,生成证书请求
  *
  * @throws KeyPairException
  * @throws CertificateException
  * @throws StorageException
  */
 public void createClientCSR() throws KeyPairException, CertificateException, StorageException {
   PEMFileStore<KeyPair> clientkeystore = new PEMFileStore<KeyPair>("D:\\certs\\client.key");
   PEMFileStore<PKCS10CertificationRequest> clientrequeststore =
       new PEMFileStore<PKCS10CertificationRequest>("D:\\certs\\client.req");
   KeyPair keypair = KeyPairManager.generateRSAKeyPair();
   clientkeystore.save(keypair, null);
   X509Attrs principals = new X509Attrs();
   principals.setCommonName("CRM平台根证书");
   principals.setCountryCode("AU");
   PKCS10CertificationRequest csr = CSRManager.generateCSR(keypair, principals);
   clientrequeststore.save(csr, null);
 }
Beispiel #3
0
 public void createServerPfx() throws StorageException, CertificateException {
   PEMFileStore<X509Certificate> intercertstore =
       new PEMFileStore<X509Certificate>("D:\\certs\\inter.crt");
   PEMFileStore<X509Certificate> servercertstore =
       new PEMFileStore<X509Certificate>("D:\\certs\\server.crt");
   X509Certificate cacert = certstore.read();
   X509Certificate intercert = intercertstore.read();
   X509Certificate servercert = servercertstore.read();
   X509Certificate[] chain = new X509Certificate[3];
   chain[0] = (servercert);
   chain[1] = (intercert);
   chain[2] = (cacert);
   KeyPair serverkey = new PEMFileStore<KeyPair>("D:\\certs\\server.key").read();
   KeyStore pkcs12 = ca.generatePKCS12(chain, serverkey);
   new PfxStore("D://certs//server.pfx").save(pkcs12, "123456");
 }
Beispiel #4
0
 /**
  * Step 4,利用中间证书签发客户证书
  *
  * @throws StorageException
  * @throws CertificateException
  */
 public void createClientCert() throws StorageException, CertificateException {
   PEMFileStore<PKCS10CertificationRequest> clientrequeststore =
       new PEMFileStore<PKCS10CertificationRequest>("D:\\certs\\client.req");
   PEMFileStore<KeyPair> serverkeystore = new PEMFileStore<KeyPair>("D:\\certs\\server.key");
   PEMFileStore<X509Certificate> servercertstore =
       new PEMFileStore<X509Certificate>("D:\\certs\\server.crt");
   PEMFileStore<X509Certificate> clientcertstore =
       new PEMFileStore<X509Certificate>("D:\\certs\\client.crt");
   PKCS10CertificationRequest request = clientrequeststore.read();
   X509Certificate parentcert = servercertstore.read();
   KeyPair parentkey = serverkeystore.read();
   X509Certificate certificate = ca.issueCertificate(request, 365, parentcert, parentkey, true);
   clientcertstore.save(certificate, null);
 }
Beispiel #5
0
  public void createEmployeeCert() throws StorageException, CertificateException {
    PEMFileStore<PKCS10CertificationRequest> employeerequeststore =
        new PEMFileStore<PKCS10CertificationRequest>("D:\\certs\\employee.req");
    PEMFileStore<X509Certificate> employeecertstore =
        new PEMFileStore<X509Certificate>("D:\\certs\\employee.crt");
    PEMFileStore<X509Certificate> clientcertstore =
        new PEMFileStore<X509Certificate>("D:\\certs\\client.crt");
    PEMFileStore<KeyPair> clientkeystore = new PEMFileStore<KeyPair>("D:\\certs\\client.key");
    PKCS10CertificationRequest request = employeerequeststore.read();
    X509Certificate parentcert = clientcertstore.read();
    KeyPair parentkey = clientkeystore.read();
    X509Certificate certificate = ca.issueCertificate(request, 365, parentcert, parentkey, false);

    employeecertstore.save(certificate, null);
  }
Beispiel #6
0
 /**
  * Step 5,生成PKCS12
  *
  * @throws StorageException
  * @throws KeyStoreException
  * @throws NoSuchProviderException
  * @throws NoSuchAlgorithmException
  * @throws java.security.cert.CertificateException
  * @throws IOException
  */
 public void createClientPfx() throws CertificateException, StorageException {
   PEMFileStore<X509Certificate> intercertstore =
       new PEMFileStore<X509Certificate>("D:\\certs\\inter.crt");
   PEMFileStore<X509Certificate> servercertstore =
       new PEMFileStore<X509Certificate>("D:\\certs\\server.crt");
   PEMFileStore<X509Certificate> clientcertstore =
       new PEMFileStore<X509Certificate>("D:\\certs\\client.crt");
   PEMFileStore<KeyPair> clientkeystore = new PEMFileStore<KeyPair>("D:\\certs\\client.key");
   PfxStore pfxstore = new PfxStore("D:\\certs\\client.pfx");
   X509Certificate cacert = certstore.read();
   X509Certificate intercert = intercertstore.read();
   X509Certificate servercert = servercertstore.read();
   X509Certificate clientcert = clientcertstore.read();
   X509Certificate[] chain = new X509Certificate[4];
   chain[0] = (clientcert);
   chain[1] = (servercert);
   chain[2] = (intercert);
   chain[3] = (cacert);
   KeyPair clientkey = clientkeystore.read();
   KeyStore pkcs12 = ca.generatePKCS12(chain, clientkey);
   pfxstore.save(pkcs12, "123456");
 }
Beispiel #7
0
 public void createIntermediateCert() throws StorageException, CertificateException {
   PEMFileStore<PKCS10CertificationRequest> interrequeststore =
       new PEMFileStore<PKCS10CertificationRequest>("D:\\certs\\inter.req");
   PEMFileStore<X509Certificate> intercertstore =
       new PEMFileStore<X509Certificate>("D:\\certs\\inter.crt");
   PKCS10CertificationRequest request = interrequeststore.read();
   X509Certificate parentcert = certstore.read();
   KeyPair parentkey = keystore.read();
   X509Certificate certificate = ca.issueCertificate(request, 365, parentcert, parentkey, true);
   intercertstore.save(certificate, null);
 }
Beispiel #8
0
 public void createEmployeePfx() throws StorageException, CertificateException {
   PEMFileStore<X509Certificate> intercertstore =
       new PEMFileStore<X509Certificate>("D:\\certs\\inter.crt");
   PEMFileStore<X509Certificate> servercertstore =
       new PEMFileStore<X509Certificate>("D:\\certs\\server.crt");
   PEMFileStore<X509Certificate> clientcertstore =
       new PEMFileStore<X509Certificate>("D:\\certs\\client.crt");
   PEMFileStore<X509Certificate> employeecertstore =
       new PEMFileStore<X509Certificate>("D:\\certs\\employee.crt");
   X509Certificate cacert = certstore.read();
   X509Certificate intercert = intercertstore.read();
   X509Certificate servercert = servercertstore.read();
   X509Certificate clientcert = clientcertstore.read();
   X509Certificate employeecert = employeecertstore.read();
   X509Certificate[] chain = new X509Certificate[5];
   chain[0] = (employeecert);
   chain[1] = (clientcert);
   chain[2] = (servercert);
   chain[3] = (intercert);
   chain[4] = (cacert);
   KeyPair employeekey = new PEMFileStore<KeyPair>("D:\\certs\\employee.key").read();
   KeyStore pkcs12 = ca.generatePKCS12(chain, employeekey);
   new PfxStore("D://certs//employee.pfx").save(pkcs12, "123456");
 }
Beispiel #9
0
 public void createEmployeeCSR() throws KeyPairException, StorageException, CertificateException {
   KeyPair keypair = KeyPairManager.generateRSAKeyPair();
   PublicKey public1 = keypair.getPublic();
   PEMFileStore<PublicKey> publicstore = new PEMFileStore<PublicKey>("D:\\certs\\employee.pub");
   publicstore.save(public1, null);
   PEMFileStore<KeyPair> employeekeystore = new PEMFileStore<KeyPair>("D:\\certs\\employee.key");
   employeekeystore.save(keypair, null);
   X509Attrs principals = new X509Attrs();
   principals.setCommonName("CRM测试员工");
   principals.setCountryCode("AU");
   principals.setGiveName("E00001");
   PKCS10CertificationRequest csr = CSRManager.generateCSR(keypair, principals);
   PEMFileStore<PKCS10CertificationRequest> employeerequeststore =
       new PEMFileStore<PKCS10CertificationRequest>("D:\\certs\\employee.req");
   employeerequeststore.save(csr, null);
 }