gpt4 book ai didi

java - 在JAVA中创建PKCS12证书

转载 作者:行者123 更新时间:2023-12-01 14:59:37 24 4
gpt4 key购买 nike

这就是我正在尝试做的事情:

  • 我连接到我的 SSL 服务器

  • 它向我发送了两个证书,其中一个是自签名的

在这个阶段,没有任何问题,我已经:

X509Certificate[] myTwoCerts; 
// with 2 certificates in there, and I'm sure it's there because, I print them in my console.
  • 现在我想创建包含 2 个证书的 .p12 文件。

到目前为止,我已经尝试过这样的事情:

KeyStore pkcs12Store = KeyStore.getInstance("PKCS12");
pkcs12Store.load(null, null);
X509Certificate cert1 = myTwoCerts[0];
X509Certificate cert2 = myTwoCerts[1]
String alias1 = "FIRST";
String alias2 = "SECOND";
pkcs12Store.setCertificateEntry(alias1, cert2);
pkcs12Store.setCertificateEntry(alias2, cert2);

但我遇到以下异常:

Exception in thread "main" java.security.KeyStoreException: TrustedCertEntry not supported

有人可以帮我吗?

最佳答案

PKCS12 Java 中的 keystore 不能用于存储没有私钥的证书或证书链。

请参阅 JCA reference guide 中的此注释:

"pkcs12" is another option. This is a cross platform keystore based on the RSA PKCS12 Personal Information Exchange Syntax Standard. This standard is primarily meant for storing or transporting a user's private keys, certificates, and miscellaneous secrets. As of JDK 6, standards for storing Trusted Certificates in "pkcs12" have not been established yet, and thus "jks" or "jceks" should be used for trusted certificates.

(尽管提到了 JDK 6,但这仍然在 JDK 7 文档中。)

如果你想在Java中将私钥+证书(链)存储在PKCS#12存储中,则需要有私钥并且需要使用setKeyEntry方法。

关于java - 在JAVA中创建PKCS12证书,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/13860939/

24 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com