如何使用opensaml-j创建凭证？

Question

嗨，我希望你们都好 我正在使用opensaml-j v3，我正努力用后者创建一个凭证，但我不知道如何创建它。

这是我的源代码

   `private static Credential getCredential() throws IOException, 
          NoSuchAlgorithmException, InvalidKeySpecException, CertificateException{
       InputStream is=new FileInputStream("C:\\openssl keys\\key.pk8");
       CertificateFactory cf=CertificateFactory.getInstance("X.509");
       X509Certificate cer=(X509Certificate) cf.generateCertificate(is);
       BasicX509Credential basicCredential=new BasicX509Credential(cer);
       basicCredential.setUsageType(UsageType.SIGNING);
       return basicCredential;
}`

这是堆栈跟踪

Exception in thread "main" java.security.cert.CertificateParsingException: signed fields invalid
	at sun.security.x509.X509CertImpl.parse(Unknown Source)
	at sun.security.x509.X509CertImpl.<init>(Unknown Source)
	at sun.security.provider.X509Factory.engineGenerateCertificate(Unknown Source)
	at java.security.cert.CertificateFactory.generateCertificate(Unknown Source)
	at memory.CreateSamlAssertion.getCredential(CreateSamlAssertion.java:108)
	at memory.CreateSamlAssertion.createAssertion(CreateSamlAssertion.java:61)
	at memory.SamlTest.main(SamlTest.java:42)

错误在这一行：

X509Certificate cer=(X509Certificate) cf.generateCertificate(is);

所以我只有一个简单的问题：

有人可以向我展示如何创建凭证的源代码吗？

Answer 1

The problem is in your file you should create a .csr file here's a link: create a .csr file after the creation follow this snippet of code

private static String password="jkzhsmzku";//the password you set in the storepass
private static String alias="business"//this is the alias;

private static Credential getCredential(){
    char[] pass=password.toCharArray();
    KeyStore ks=KeyStore.getInstance(KeyStore.getDefaultType());
    FileInputStream fis=new FileInputStream("pathToFile/fileName.csr");
    ks.load(fis, pass);
    KeyStore.PrivateKeyEntry pkEntry=null;
    pkEntry=(PrivateKeyEntry) ks.getEntry(alias,new KeyStore.PasswordProtection(password.toCharArray()));
    PrivateKey pk=pkEntry.getPrivateKey();
    X509Certificate certificate=(X509Certificate) pkEntry.getCertificate();
    BasicX509Credential basicCredential=new BasicX509Credential(certificate);
    basicCredential.setPrivateKey(pk);
    return basicCredential;
}