官方文档:https://github.com/wechatpay-apiv3/CertificateDownloader
参考文档1:https://blog.csdn.net/dling8/article/details/84061948
参考文档2:https://blog.csdn.net/qq_40703809/article/details/115691810
众所周知,在微信支付平台设置apikey3后下载的证书是只有如下图所示的那三个的,平台证书是需要另外下载的,通过商户号密钥证书序列号等。
按照官方文档的步骤,下载CertificateDownloader.jar,用jar包下载证书:
要注意jar包的名字,因为我下载下来的jar包是带版本号的(CertificateDownloader-1.1.jar
),官方文档的命令是不带版本号的。
java -jar CertificateDownloader-1.1.jar -k 你的apiv3key -m 商户id -f C:/Users/11299/Downloads/v3/apiclient_key.pem(证书密钥地址) -s 你的证书序列号 -o d:/data(证书下载地址)
执行命令后,出现以下报错信息:
Exception in thread "main" picocli.CommandLine$ExecutionException: Error while running command (com.elias.CertificateDownloader@72ba28ee): java.lang.IllegalArgumentException: java.security.InvalidKeyException: Illegal key size
at picocli.CommandLine.executeUserObject(CommandLine.java:1738)
at picocli.CommandLine.access$900(CommandLine.java:145)
at picocli.CommandLine$RunLast.handle(CommandLine.java:2101)
at picocli.CommandLine$RunLast.handle(CommandLine.java:2068)
at picocli.CommandLine$AbstractParseResultHandler.handleParseResult(CommandLine.java:1928)
at picocli.CommandLine.parseWithHandlers(CommandLine.java:2282)
at picocli.CommandLine.run(CommandLine.java:2740)
at picocli.CommandLine.run(CommandLine.java:2677)
at com.elias.CertificateDownloader.main(CertificateDownloader.java:155)
Caused by: java.lang.IllegalArgumentException: java.security.InvalidKeyException: Illegal key size
at com.wechat.pay.contrib.apache.httpclient.util.AesUtil.decryptToString(AesUtil.java:42)
at com.elias.CertificateDownloader.decryptAndValidate(CertificateDownloader.java:118)
at com.elias.CertificateDownloader.downloadCertificate(CertificateDownloader.java:103)
at com.elias.CertificateDownloader.run(CertificateDownloader.java:67)
at picocli.CommandLine.executeUserObject(CommandLine.java:1729)
... 8 more
Caused by: java.security.InvalidKeyException: Illegal key size
at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1039)
at javax.crypto.Cipher.implInit(Cipher.java:805)
at javax.crypto.Cipher.chooseProvider(Cipher.java:864)
at javax.crypto.Cipher.init(Cipher.java:1396)
at javax.crypto.Cipher.init(Cipher.java:1327)
at com.wechat.pay.contrib.apache.httpclient.util.AesUtil.decryptToString(AesUtil.java:35)
... 12 more
通过参考文档1,了解了jdk8自带的jar包只能处理128位的密钥,通过文档中的官方的Oracle地址下载jar包,并且将原来的\jre\lib\security
中的两个jar包替换掉。
但是,问题来了,我还是出现了以上问题,反复尝试,通过重启电脑等方式,还是不行。
最后通过参考文档2,瞄到一丝不一样的东西,就是将CertificateDownloader-1.1.jar放到java的bin目录下
,并且在此目录下打开cmd,去执行那段java -jar的命令。最后成功了(之前那个jar包就放在浏览器下载目录下,并且就在那个目录打开的cmd)。