最近公司有个项目用,需要基于PKCS10证书请求生成证书,然后最近也是找了资料学习了一下,在此记录一下:
1.首先是生成PKCS10证书请求:
RSA:
public static String genCSR()
throws InvalidKeyException, NoSuchAlgorithmException,
NoSuchProviderException, SignatureException {
try
{
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
X509Name dn = new X509Name("CN=TEST,O=TEST,L=BJ,C=CN");
//定义密钥对生成算法
KeyPairGenerator keyGen =KeyPairGenerator.getInstance("RSA");
//定义加密位数,RSA2048的生成略慢
keyGen.initialize(2048);
KeyPair kp = keyGen.generateKeyPair();
PKCS10CertificationRequest p10 = new PKCS10CertificationRequest("SHA1WithRSA", dn, kp.getPublic(),new DERSet(), kp.getPrivate());
byte[] der = p10.getEncoded();
String code = "-----BEGIN CERTIFICAT