Пример #1
0
 /**
  * We need a root CA as a file to add to the browser under which all certificates will be trusted.
  *
  * @throws Exception
  */
 private void createRootCA() throws Exception {
   KeyPair _keyPair = newKeyPair();
   rootCA = buildRootCert(Configuration.getRootCaName(), _keyPair);
   writePEMObject(rootCAPath, rootCA);
   writePEMObject(Configuration.getRootKeyPath(), _keyPair.getPrivate());
   keystore.setKeyEntry(
       Configuration.getRootCaName(),
       _keyPair.getPrivate(),
       KEYSTORE_PASSWORD.toCharArray(),
       new X509Certificate[] {rootCA});
 }
Пример #2
0
 private SubjectPublicKeyInfo getSubjectPublicKeyInfo(KeyPair _keyPair) {
   byte[] encodedPublicKey = _keyPair.getPublic().getEncoded();
   return new SubjectPublicKeyInfo(ASN1Sequence.getInstance(encodedPublicKey));
 }
Пример #3
0
 private X509Certificate buildRootCert(String domain, KeyPair _keyPair) throws Exception {
   X509v3CertificateBuilder certificateBuilder = createX509v3CertificateBuilder(domain, _keyPair);
   certificateBuilder.addExtension(Extension.basicConstraints, true, new BasicConstraints(true));
   return createX509Certificate(certificateBuilder, _keyPair.getPrivate());
 }
Пример #4
0
 protected void generateKeyAndPutIntoKeyStore(final String domain) throws Exception {
   KeyPair keyPair = newKeyPair();
   X509Certificate cert = buildSignedCert(domain, keyPair);
   addCertToKeystore(cert, keyPair.getPrivate(), domain);
 }