这些代码首先加载CA证书,然后分别用CA给Alice和Bob签发一个证书并保存到resource/目录下面,用jks格式存储。
CA证书也是用java编程方式制作的,制作过程请看我的上一篇博客。
public static void main(String[] args) throws KeyStoreException,
NoSuchAlgorithmException, CertificateException,
FileNotFoundException, IOException, UnrecoverableEntryException {
//读取CA证书的JKS文件
KeyStore store = KeyStore.getInstance("JKS");
File file = new File("resource/atlas-ca.jks");
store.load(new FileInputStream(file), "atlas".toCharArray());
PrivateKeyEntry ke = (PrivateKeyEntry) store.getEntry("atlas",
new PasswordProtection("atlas".toCharArray()));
String subject = "C=CN,ST=GuangDong,L=Shenzhen,O=Skybility,OU=Cloudbility,CN=Alice,E=alice@163.com";
//给alice签发证书并存为xxx-alice.jks的文件
gen(ke, subject, "alice"