在写一个CA 的时候遇见问题如下:
java.security.cert.CertificateException: Issuer class type invalid.
at sun.security.x509.X509CertInfo.setIssuer(X509CertInfo.java:860)
at sun.security.x509.X509CertInfo.set(X509CertInfo.java:403)
at certforge.web.CertForgeServlet.doSignCert3(CertForgeServlet.java:1409)
at certforge.web.CertForgeServlet.doGet(CertForgeServlet.java:595)
at certforge.web.CertForgeServlet.doPost(CertForgeServlet.java:537)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:646)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at certforge.util.servlet.ThreadLocalFilter.doFilter(ThreadLocalFilter.java:32)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at certforge.util.servlet.WrapperFilter.doFilter(WrapperFilter.java:95)
意思就是无效的发行人
问题主要是在设置X509CertInfo 设置属性时
certInfo.set(X509CertInfo.ISSUER, new CertificateIssuerName(issuer));
这样设置在jdk 1.6 版本中是没有任何问题的,但是在1.8 中稍微有点改变,可以更改为如下:
certInfo.set(X509CertInfo.ISSUER, issuer); //即不再使用包装进行封装直接进行值得设置
稍提下找问题的经历:在国内网站上各种找,就是没有找到,但是在国外网站搜一下就有了,如下
意思就是说1.8版本中不用使用包装类,
去国外网站相关的文章,或者直接github 搜索科学上网:
https://www.bennythink.com/all-platform-scientific-internet-all-in-one.html