我继承了这个将userCertificate从AD中拉出来的代码:
byte[] userCERT = (byte[])attribs.get("userCertificate").get();
ByteArrayInputStream bais = new ByteArrayInputStream( (userCERT)) ;
CertificateFactory cf = CertificateFactory.getInstance("X.509");
X509Certificate cert = (X509Certificate)cf.generateCertificate(bais);
我现在需要做的恰恰相反。用户将通过网络提交他们的公钥。它就像获取String并在其上执行toBytes()一样简单:
ByteArrayInputStream bais = new ByteArrayInputStream(userCertificateString.getBytes()) ;
Attribute modCert = new BasicAttribute("userCertificate", bais);
mods[0] = new ModificationItem(context.REPLACE_ATTRIBUTE, modCert);
context.modifyAttributes(dn + "," + searchBase, mods);
更新:事情并非如此简单。这不起作用。
任何指导都会很棒。
答案 0 :(得分:0)
最终的工作代码在这里:
ByteArrayInputStream bais = new ByteArrayInputStream( (userCertificateString.getBytes())) ;
CertificateFactory cf = CertificateFactory.getInstance("X.509");
X509Certificate cert = (X509Certificate)cf.generateCertificate(bais);
System.err.println("<I>" + cert.getIssuerX500Principal().getName().toString());
System.err.println("<S>" + cert.getSubjectX500Principal().getName().toString());
Attribute modCert = new BasicAttribute("userCertificate", cert.getEncoded());
mods[0] = new ModificationItem(context.REPLACE_ATTRIBUTE, modCert);
context.modifyAttributes(dn + "," + searchBase, mods);
希望它有所帮助...