Programmatically import a CA trust certificate into an existing keystore file without using keytool

use*_*117 28 java keytool

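I would like to create a Java program that imports a .cer CA into an existing keystore file, so that the end user can insert the CA certificate more conveniently (without using CMD and keying in the command).

Is there any way Java code can do this?

I tried one approach, but I still fail to get the certificate into Java: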

CertificateFactory cf = CertificateFactory.getInstance("X.509");
InputStream certstream = fullStream (certfile);
Certificate certs = cf.generateCertificates(certstream);

The error is "incompatible types". Any other suggestions?

Thanks a lot.

use*_*117 35

I have solved the problem. Here is the code:

import java.io.ByteArrayInputStream;
import java.io.DataInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;

public class ImportCA {

    public static void main(String[] argv) throws Exception {
        String certfile = "yourcert.cer"; /*your cert path*/
        FileInputStream is = new FileInputStream("yourKeyStore.keystore");

        KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
        keystore.load(is, "yourKeyStorePass".toCharArray());
        is.close();

        String alias = "youralias";
        char[] password = "yourKeyStorePass".toCharArray();

        // Parse the X.509 certificate from the .cer file
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        InputStream certstream = fullStream(certfile);
        Certificate certs = cf.generateCertificate(certstream);

        // Same keystore file as opened above
        File keystoreFile = new File("yourKeyStore.keystore");
        // Load the keystore contents
        FileInputStream in = new FileInputStream(keystoreFile);
        keystore.load(in, password);
        in.close();

        // Add the certificate
        keystore.setCertificateEntry(alias, certs);

        // Save the new keystore contents
        FileOutputStream out = new FileOutputStream(keystoreFile);
        keystore.store(out, password);
        out.close();
    }

    // Reads the whole file into memory and returns it as a stream
    private static InputStream fullStream(String fname) throws IOException {
        try (DataInputStream dis = new DataInputStream(new FileInputStream(fname))) {
            byte[] bytes = new byte[dis.available()];
            dis.readFully(bytes);
            return new ByteArrayInputStream(bytes);
        }
    }
}

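Hope this helps anyone who needs it. It is just simple code that inserts the .cer file CA certificate into your keystore without using keytool in CMD =)

  • Why load the keystore twice? (5 upvotes)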

tom*_*row 12

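Sorry, this answer does not bring anything new, but the code in the accepted answer is so awful that I just had to post this. It is just a polished version, nothing more. So consider copy/pasting from here, but upvote the accepted answer rather than this one.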

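import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.util.Objects;

public class TrustStoreUtil {

    public static void addX509CertificateToTrustStore(String certPath, String certAlias, String storePath, String storePassword, String storeType)
            throws FileNotFoundException, KeyStoreException, CertificateException, IOException, NoSuchAlgorithmException {

        char[] storePasswordCharArr = Objects.requireNonNull(storePassword, "").toCharArray();

        KeyStore keystore;
        // Load the store and parse the certificate; both streams are closed automatically
        try (FileInputStream storeInputStream = new FileInputStream(storePath);
                FileInputStream certInputStream = new FileInputStream(certPath)) {
            keystore = KeyStore.getInstance(storeType);
            keystore.load(storeInputStream, storePasswordCharArr);

            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            Certificate certificate = certificateFactory.generateCertificate(certInputStream);

            keystore.setCertificateEntry(certAlias, certificate);
        }

        // Write the updated store back to the same file
        try (FileOutputStream storeOutputStream = new FileOutputStream(storePath)) {
            keystore.store(storeOutputStream, storePasswordCharArr);
        }
    }
}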

  • Empty "finally" blocks can be removed rather than left empty; they are optional even in a try-with-resources construct (2 upvotes)

Kar*_*oor 7

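Download the certificate from the link and store it at a specific path. Then load that file into the trustStore at runtime using the code below. I hope this example helps you.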

KeyStore keyStore = KeyStore.getInstance("JKS");
String fileName = "D:\\certs_path\\cacerts"; // certification file path
System.setProperty("javax.net.ssl.trustStore", fileName);

  • What is the purpose of the keyStore var? (6 upvotes)