Exemplo n.º 1
 /**
  * Step 1: create the CA.
  *
  * <p>Replaces the {@code ca} field with a fresh {@link CAManager} and initialises it with the
  * {@code keystore} and {@code certstore} fields plus the subject attributes built here.
  *
  * @throws KeyPairException declared by this method; presumably raised by {@code CAManager.init}
  * @throws CertificateException declared by this method; presumably raised by
  *     {@code CAManager.init}
  */
 public void initCA() throws KeyPairException, CertificateException {
   ca = new CAManager();

   // Subject attributes handed to the CA: common name and country code only.
   X509Attrs rootSubject = new X509Attrs();
   rootSubject.setCommonName("私享家CA根证书");
   rootSubject.setCountryCode("AU");

   // NOTE(review): how `keystore` persists the CA private key (location, passphrase, file
   // permissions) is not visible here — confirm it is protected at rest, since every
   // certificate issued later depends on that key.
   ca.init(keystore, certstore, rootSubject);
 }
Exemplo n.º 2
 /**
  * Issues a certificate for the request stored in {@code D:\certs\inter.req} and writes it to
  * {@code D:\certs\inter.crt}.
  *
  * <p>The issuer certificate and key pair are read from the {@code certstore} and
  * {@code keystore} fields (presumably the root CA's — confirm against the enclosing class).
  *
  * @throws StorageException declared by this method; presumably raised by the store read/save
  *     calls
  * @throws CertificateException declared by this method; presumably raised by
  *     {@code issueCertificate}
  */
 public void createIntermediateCert() throws StorageException, CertificateException {
   PEMFileStore<PKCS10CertificationRequest> csrStore =
       new PEMFileStore<PKCS10CertificationRequest>("D:\\certs\\inter.req");
   PEMFileStore<X509Certificate> issuedStore =
       new PEMFileStore<X509Certificate>("D:\\certs\\inter.crt");

   PKCS10CertificationRequest csr = csrStore.read();
   X509Certificate issuerCert = certstore.read();
   KeyPair issuerKey = keystore.read();

   // 365 is presumably the validity in days and `true` presumably marks the subject as a CA —
   // confirm against CAManager.issueCertificate.
   // NOTE(review): nothing in this method inspects the request (subject, signature) before it
   // is signed, and no path-length limit is visible; confirm issueCertificate enforces both.
   X509Certificate issued = ca.issueCertificate(csr, 365, issuerCert, issuerKey, true);

   // The null second argument presumably means "no passphrase" — confirm in PEMFileStore.save.
   issuedStore.save(issued, null);
 }
Exemplo n.º 3
 /**
  * Step 4: issue the client certificate.
  *
  * <p>Reads the request from {@code D:\certs\client.req}, signs it with the certificate and key
  * pair read from {@code server.crt} / {@code server.key}, and writes the result to
  * {@code D:\certs\client.crt}. The original comment named the intermediate certificate as the
  * issuer; the code uses the server certificate and key.
  *
  * @throws StorageException declared by this method; presumably raised by the store read/save
  *     calls
  * @throws CertificateException declared by this method; presumably raised by
  *     {@code issueCertificate}
  */
 public void createClientCert() throws StorageException, CertificateException {
   PEMFileStore<PKCS10CertificationRequest> csrStore =
       new PEMFileStore<PKCS10CertificationRequest>("D:\\certs\\client.req");
   PEMFileStore<KeyPair> issuerKeyStore = new PEMFileStore<KeyPair>("D:\\certs\\server.key");
   PEMFileStore<X509Certificate> issuerCertStore =
       new PEMFileStore<X509Certificate>("D:\\certs\\server.crt");
   PEMFileStore<X509Certificate> issuedStore =
       new PEMFileStore<X509Certificate>("D:\\certs\\client.crt");

   PKCS10CertificationRequest csr = csrStore.read();
   X509Certificate issuerCert = issuerCertStore.read();
   // NOTE(review): the issuer key is read with no passphrase argument; confirm how server.key
   // is protected on disk.
   KeyPair issuerKey = issuerKeyStore.read();

   // NOTE(review): `true` is passed as the last argument although this is labelled a client
   // certificate. If that flag marks the subject as a CA (unconfirmed — see
   // CAManager.issueCertificate), whoever holds client.key can issue further certificates.
   X509Certificate issued = ca.issueCertificate(csr, 365, issuerCert, issuerKey, true);

   // The null second argument presumably means "no passphrase" — confirm in PEMFileStore.save.
   issuedStore.save(issued, null);
 }
Exemplo n.º 4
  /**
   * Issues the employee certificate.
   *
   * <p>Reads the request from {@code D:\certs\employee.req}, signs it with the certificate and
   * key pair read from {@code client.crt} / {@code client.key}, and writes the result to
   * {@code D:\certs\employee.crt}.
   *
   * @throws StorageException declared by this method; presumably raised by the store read/save
   *     calls
   * @throws CertificateException declared by this method; presumably raised by
   *     {@code issueCertificate}
   */
  public void createEmployeeCert() throws StorageException, CertificateException {
    PEMFileStore<PKCS10CertificationRequest> csrStore =
        new PEMFileStore<PKCS10CertificationRequest>("D:\\certs\\employee.req");
    PEMFileStore<X509Certificate> issuedStore =
        new PEMFileStore<X509Certificate>("D:\\certs\\employee.crt");
    PEMFileStore<X509Certificate> issuerCertStore =
        new PEMFileStore<X509Certificate>("D:\\certs\\client.crt");
    PEMFileStore<KeyPair> issuerKeyStore = new PEMFileStore<KeyPair>("D:\\certs\\client.key");

    PKCS10CertificationRequest csr = csrStore.read();
    X509Certificate issuerCert = issuerCertStore.read();
    // NOTE(review): the issuer key is read with no passphrase argument; confirm how client.key
    // is protected on disk.
    KeyPair issuerKey = issuerKeyStore.read();

    // Last argument is `false` here, unlike the other issuing steps: presumably the subject is
    // an end-entity certificate rather than a CA — confirm against CAManager.issueCertificate.
    X509Certificate issued = ca.issueCertificate(csr, 365, issuerCert, issuerKey, false);

    // The null second argument presumably means "no passphrase" — confirm in PEMFileStore.save.
    issuedStore.save(issued, null);
  }
Exemplo n.º 5
 /**
  * Bundles the server key pair and its certificate chain into a PKCS#12 keystore and saves it
  * as {@code server.pfx}.
  *
  * <p>The chain is ordered from the server certificate, through {@code inter.crt}, up to the
  * certificate read from the {@code certstore} field.
  *
  * @throws StorageException declared by this method; presumably raised by the store read/save
  *     calls
  * @throws CertificateException declared by this method; presumably raised by
  *     {@code generatePKCS12}
  */
 public void createServerPfx() throws StorageException, CertificateException {
   PEMFileStore<X509Certificate> interStore =
       new PEMFileStore<X509Certificate>("D:\\certs\\inter.crt");
   PEMFileStore<X509Certificate> leafStore =
       new PEMFileStore<X509Certificate>("D:\\certs\\server.crt");

   X509Certificate rootCert = certstore.read();
   X509Certificate interCert = interStore.read();
   X509Certificate leafCert = leafStore.read();

   // Leaf first, CA certificate last.
   X509Certificate[] chain = {leafCert, interCert, rootCert};

   KeyPair leafKey = new PEMFileStore<KeyPair>("D:\\certs\\server.key").read();
   KeyStore bundle = ca.generatePKCS12(chain, leafKey);

   // NOTE(review): the second argument (presumably the PKCS#12 password) is a hard-coded,
   // trivially guessable literal, and this bundle holds the server private key. Supply it from
   // configuration or a secret store rather than from source.
   // The output path uses "//" separators while the inputs use "\\"; kept exactly as written.
   new PfxStore("D://certs//server.pfx").save(bundle, "123456");
 }
Exemplo n.º 6
 /**
  * Step 5: generate the client PKCS#12 bundle.
  *
  * <p>Combines the key pair from {@code client.key} with a four-certificate chain (client,
  * server, intermediate, and the certificate read from the {@code certstore} field, in that
  * order) and saves the result as {@code D:\certs\client.pfx}.
  *
  * @throws CertificateException declared by this method; presumably raised by
  *     {@code generatePKCS12}
  * @throws StorageException declared by this method; presumably raised by the store read/save
  *     calls
  */
 public void createClientPfx() throws CertificateException, StorageException {
   PEMFileStore<X509Certificate> interStore =
       new PEMFileStore<X509Certificate>("D:\\certs\\inter.crt");
   PEMFileStore<X509Certificate> serverStore =
       new PEMFileStore<X509Certificate>("D:\\certs\\server.crt");
   PEMFileStore<X509Certificate> leafStore =
       new PEMFileStore<X509Certificate>("D:\\certs\\client.crt");
   PEMFileStore<KeyPair> leafKeyStore = new PEMFileStore<KeyPair>("D:\\certs\\client.key");
   PfxStore bundleStore = new PfxStore("D:\\certs\\client.pfx");

   X509Certificate rootCert = certstore.read();
   X509Certificate interCert = interStore.read();
   X509Certificate serverCert = serverStore.read();
   X509Certificate leafCert = leafStore.read();

   // Leaf first, CA certificate last.
   X509Certificate[] chain = {leafCert, serverCert, interCert, rootCert};

   KeyPair leafKey = leafKeyStore.read();
   KeyStore bundle = ca.generatePKCS12(chain, leafKey);

   // NOTE(review): the second argument (presumably the PKCS#12 password) is a hard-coded,
   // trivially guessable literal, and this bundle holds the client private key. Supply it from
   // configuration or a secret store rather than from source.
   bundleStore.save(bundle, "123456");
 }
Exemplo n.º 7
 /**
  * Bundles the employee key pair and its certificate chain into a PKCS#12 keystore and saves it
  * as {@code employee.pfx}.
  *
  * <p>The chain holds five certificates: employee, client, server, intermediate, and the
  * certificate read from the {@code certstore} field, in that order.
  *
  * @throws StorageException declared by this method; presumably raised by the store read/save
  *     calls
  * @throws CertificateException declared by this method; presumably raised by
  *     {@code generatePKCS12}
  */
 public void createEmployeePfx() throws StorageException, CertificateException {
   PEMFileStore<X509Certificate> interStore =
       new PEMFileStore<X509Certificate>("D:\\certs\\inter.crt");
   PEMFileStore<X509Certificate> serverStore =
       new PEMFileStore<X509Certificate>("D:\\certs\\server.crt");
   PEMFileStore<X509Certificate> clientStore =
       new PEMFileStore<X509Certificate>("D:\\certs\\client.crt");
   PEMFileStore<X509Certificate> leafStore =
       new PEMFileStore<X509Certificate>("D:\\certs\\employee.crt");

   X509Certificate rootCert = certstore.read();
   X509Certificate interCert = interStore.read();
   X509Certificate serverCert = serverStore.read();
   X509Certificate clientCert = clientStore.read();
   X509Certificate leafCert = leafStore.read();

   // Leaf first, CA certificate last.
   X509Certificate[] chain = {leafCert, clientCert, serverCert, interCert, rootCert};

   KeyPair leafKey = new PEMFileStore<KeyPair>("D:\\certs\\employee.key").read();
   KeyStore bundle = ca.generatePKCS12(chain, leafKey);

   // NOTE(review): the second argument (presumably the PKCS#12 password) is a hard-coded,
   // trivially guessable literal, and this bundle holds the employee private key. Supply it
   // from configuration or a secret store rather than from source.
   // The output path uses "//" separators while the inputs use "\\"; kept exactly as written.
   new PfxStore("D://certs//employee.pfx").save(bundle, "123456");
 }