数字签名证书集发行者名称

时间:2016-02-25 16:30:28

标签: java itext digital-signature x509certificate

通过使用java x509certificate,我正在生成一个p12证书。对证书进行数字签名后,其显示的主题和发行者相同。任何人都可以帮我设置主题作为我的名字和发行人作为公司名称。

P12文件,其自身具有发行人和主题相同。

Image 1

Image 2

以下是我生成证书的代码

package com.dynamic;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Principal;
import java.security.SignatureException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.logging.Level;
import java.util.logging.Logger;
import sun.security.x509.CertAndKeyGen;
import sun.security.x509.X500Name;
public class Dynamic { 
    public static void main(String[] args) {
        try{           
            Dynamic di=new Dynamic();
            di.createPFXFile();
        } catch (Exception ex){
            ex.printStackTrace();
        }
    }    
public boolean createPFXFile() throws IOException, NoSuchAlgorithmException, CertificateException, InvalidKeyException, SignatureException, NoSuchProviderException
    {
        boolean flag=false;
        try {
            X509Certificate cert=null;
            KeyStore keyStore = KeyStore.getInstance("PKCS12");
            keyStore.load(null, null);
            CertAndKeyGen gen = new CertAndKeyGen("RSA","SHA1WithRSA");
            gen.generate(2048);
            Key key=gen.getPrivateKey();
            System.out.println("private key" + key);             
            cert=gen.getSelfCertificate(new X500Name("name","ccc","ddd","eee"), (long)365*24*3600);           
            X509Certificate[] chain = new X509Certificate[1];
            chain[0]=cert;
            System.out.println("chain[0] :"+chain[0]);
            keyStore.setKeyEntry("private", key, "password".toCharArray(), chain); 
            keyStore.store(new FileOutputStream("D:/"+uid+".p12"), "password".toCharArray()); 
            return flag=true;
        } catch (Exception ex) {
            Logger.getLogger(Dynamic.class.getName()).log(Level.SEVERE, null, ex);
        }
        return flag;
    }  
}

1 个答案:

答案 0 :(得分:0)

这是一个自签名证书,因此问题。要解决此问题,请首先创建CA证书(可以自签名),然后使用CA对证书进行签名。

相关问题
最新问题