How to create a PKCS#12 format file from a client public certificate and private key using a Java program

Time: 2017-02-16 13:03:20

Tags: java ssl ssl-certificate pkcs#12

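I have a client public certificate and a private key file, both as .pem files.

Can any of you help me create a PKCS#12 format file from these files using a Java program?

Here I have added my code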

<script type="text/javascript">

$(function() {
    $('#domain-checker').bind('submit',function(event){
        $.post('https://www.my-site.com/come/domainchecker.php',
        $(this).serialize(),
        function(json) {
            if(json.error) {
                $(".rezultat").text(json.error.message).fadeIn();
            } else if(json.result) {

                $(".rezultat").text("Domen je dostupan").fadeIn();
            } else {

                $(".rezultat").text("Domen je zauzet").fadeIn();
            }
        }, 'json');
        return false;
    });
});
</script>

2 answers:

Answer 0: (score: 1)

You can use this code. I also recommend this link

    // PEMReader and PasswordFinder are Bouncy Castle classes (org.bouncycastle.openssl, older releases)
    public static byte[] pemToPKCS12(final String keyFile, final String cerFile, final String password) throws Exception {
        // Get the private key
        FileReader reader = new FileReader(keyFile);

        PEMReader pem = new PEMReader(reader, new PasswordFinder() {
            @Override public char[] getPassword() {
                return password.toCharArray();
            }
        });

        PrivateKey key = ((KeyPair)pem.readObject()).getPrivate();

        pem.close();
        reader.close();

        // Get the certificate
        reader = new FileReader(cerFile);
        pem = new PEMReader(reader);

        X509Certificate cert = (X509Certificate)pem.readObject();
        pem.close();
        reader.close();

        // Put them into a PKCS12 keystore and write it to a byte[]
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        KeyStore ks = KeyStore.getInstance("PKCS12");
        ks.load(null);
        ks.setKeyEntry("alias", (Key)key, password.toCharArray(), new java.security.cert.Certificate[]{cert});
        ks.store(bos, password.toCharArray());
        bos.close();
        return bos.toByteArray();
    }

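Answer 1: (score: 0)

Your code needs some fixes. Please try this fully functional code. It does not need any additional dependencies. I assume your key is PKCS#8 (starting with -----BEGIN PRIVATE KEY-----). If it is not, you will not be able to convert it.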

    import java.io.ByteArrayInputStream;
    import java.io.FileOutputStream;
    import java.io.OutputStream;
    import java.nio.charset.StandardCharsets;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    import java.security.KeyFactory;
    import java.security.KeyStore;
    import java.security.PrivateKey;
    import java.security.cert.Certificate;
    import java.security.cert.CertificateFactory;
    import java.security.spec.PKCS8EncodedKeySpec;
    import java.util.Base64;

    public static void selfSignedCertificateToP12(String privateKeyFile, String certificateFile, String p12File, String alias, char[] password)
            throws Exception {
        byte[] privateKeyData = Files.readAllBytes(Paths.get(privateKeyFile));
        byte[] certificateData = Files.readAllBytes(Paths.get(certificateFile));

        // Remove the PEM header and footer, then all whitespace (covers both \n and \r\n line endings)
        String privateKeyPEM = new String(privateKeyData, StandardCharsets.UTF_8);
        privateKeyPEM = privateKeyPEM
                .replace("-----BEGIN PRIVATE KEY-----", "")
                .replace("-----END PRIVATE KEY-----", "")
                .replaceAll("\\s", "");
        byte[] privateKeyDER = Base64.getDecoder().decode(privateKeyPEM);

        // Build the private key from the PKCS#8 DER bytes (assumes an RSA key)
        PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(privateKeyDER);
        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
        PrivateKey privateKey = keyFactory.generatePrivate(spec);

        // Read the user certificate (CertificateFactory accepts PEM or DER input)
        CertificateFactory factory = CertificateFactory.getInstance("X.509");
        Certificate cert = factory.generateCertificate(new ByteArrayInputStream(certificateData));

        // Create the keystore, add the entry under the provided alias and save it
        KeyStore ks = KeyStore.getInstance("PKCS12");
        ks.load(null);
        ks.setKeyEntry(alias, privateKey, password, new Certificate[] { cert });
        try (OutputStream out = new FileOutputStream(p12File)) {
            ks.store(out, password);
        }
    }
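
An added example, not part of either answer: after creating the .p12 file, load it back and confirm that the stored private key actually belongs to the stored certificate, since a mismatched pair otherwise only shows up later as a failed TLS client authentication. The class and method names (`P12Check`, `keyMatchesCertificate`) are hypothetical, only RSA and EC keys are handled, and Java 9 or later is assumed.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.Certificate;
import java.util.Map;
// Added example; P12Check and keyMatchesCertificate are hypothetical names.
public class P12Check {
    // Signature algorithm to use per key type (Map.of needs Java 9+).
    private static final Map<String, String> SIG_ALGS =
            Map.of("RSA", "SHA256withRSA", "EC", "SHA256withECDSA");
    public static boolean keyMatchesCertificate(String file, String alias, char[] pw) throws Exception {
        KeyStore ks = KeyStore.getInstance("PKCS12");
        try (InputStream in = new FileInputStream(file)) {
            ks.load(in, pw); // throws on a wrong password or a corrupt file
        }
        if (!ks.isKeyEntry(alias)) throw new IllegalArgumentException("no key entry: " + alias);
        PrivateKey key = (PrivateKey) ks.getKey(alias, pw);
        Certificate cert = ks.getCertificate(alias);
        String sigAlg = SIG_ALGS.get(key.getAlgorithm());
        if (sigAlg == null) throw new IllegalArgumentException("unsupported key type: " + key.getAlgorithm());
        if (!key.getAlgorithm().equals(cert.getPublicKey().getAlgorithm())) return false;
        // Sign a random challenge with the private key, then verify it with the certificate's public key.
        byte[] challenge = new byte[32];
        new SecureRandom().nextBytes(challenge);
        Signature signer = Signature.getInstance(sigAlg);
        signer.initSign(key);
        signer.update(challenge);
        byte[] signature = signer.sign();
        Signature verifier = Signature.getInstance(sigAlg);
        verifier.initVerify(cert.getPublicKey());
        verifier.update(challenge);
        try {
            return verifier.verify(signature);
        } catch (SignatureException e) {
            return false; // e.g. the signature length does not fit the certificate's key size
        }
    }

    public static void main(String[] args) throws Exception {
        // Run from a terminal: java P12Check <file.p12> <alias>; the password is prompted for, not passed as an argument.
        char[] pw = System.console().readPassword("Keystore password: ");
        System.out.println(keyMatchesCertificate(args[0], args[1], pw));
    }
}
```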