替代 CertandKeygen 在 Java 中生成自签名证书
我有以下使用类 CertandKeyGen 生成自签名证书的方法.
I have the following way of generating a self signed certificate using the class CertandKeyGen.
CertandKeyGen cert = new CertandKeyGen("RSA", "SHA256withRSA);
cert.generate(size);
..
X509Certificate certificate = cert.getSelfCertificate(name, validity);
由于这些是来自 keytool 的内部 API,我正在研究使用 java.security.* API 的类似方法.我想知道目前这是否可行.如果是,那些 API 是什么?我四处挖掘,但我找不到任何关于它的信息.我知道充气城堡 API (X509V3CertificateGenerator),但我不想使用第三方 API.
Since these are internal APIs from keytool, I am looking at a similar approach using java.security.* APIs. I want to know if this is possible currently. If yes, what are those APIs? I dug around but I am unable to find anything about it. I am aware of bouncy castle APIs (X509V3CertificateGenerator) but I do not want to use third party APIs.
谢谢.
目前,我不认为 keytool 中使用的生成/签名机制是 Java 公共 API 的一部分.
At present, I do not believe that the generation/signing mechanisms that are used in keytool are part of the public API for Java.
我已经实现了一个非常简单的 CA/签名机制,利用 BouncyCastle 进行测试.
I have implemented a very simple CA/Signing mechanism utilizing BouncyCastle for testing purposes.
我认为如果没有第 3 方 api 或自己实现大量代码,您将无法做到这一点.
I don't think you're going to be able to do this without a 3rd party api or implementing a very significant amount of code on your own.