dcsimg
Generating a X509 Certificate from a KeyPair via API
1 posts in topic
Flat View  Flat View
TOPIC ACTIONS:
 

Posted By:   Andy_None
Posted On:   Tuesday, November 12, 2002 08:51 AM

Hi I have a keypair and wish to generate a X509 certificate via the API, but cant seem to work out how / or if its possible..

Can someone point me in the right direction?

Thanks

Re: Generating a X509 Certificate from a KeyPair via API

Posted By:   Anonymous  
Posted On:   Thursday, November 21, 2002 08:29 PM

HI!

to save a private key into a keystore, you can refer to the example from bouncycastle (using their provider). i generated my DSA keypair, generate a X509 cert, and store all of them into a keystore file. here's some part of the example from bouncycastle (for more details, look at the CertTest.java under package org.bouncycastle.jce.provider.test)



Hashtable attrs = new Hashtable();


attrs.put(X509Principal.C, "AU");

attrs.put(X509Principal.O, "The Legion of the Bouncy Castle");

attrs.put(X509Principal.L, "Melbourne");

attrs.put(X509Principal.ST, "Victoria");

attrs.put(X509Principal.E, "feedback-crypto@bouncycastle.org");


Vector ord = new Vector();

Vector values = new Vector();


ord.addElement(X509Principal.C);

ord.addElement(X509Principal.O);

ord.addElement(X509Principal.L);

ord.addElement(X509Principal.ST);

ord.addElement(X509Principal.E);


values.addElement("AU");

values.addElement("The Legion of the Bouncy Castle");

values.addElement("Melbourne");

values.addElement("Victoria");

values.addElement("feedback-crypto@bouncycastle.org");


//

// extensions

//


//

// create the certificate - version 3 - without extensions

//

X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();


certGen.setSerialNumber(BigInteger.valueOf(1));

certGen.setIssuerDN(new X509Principal(attrs));

certGen.setNotBefore(new Date(System.currentTimeMillis() - 50000));

certGen.setNotAfter(new Date(System.currentTimeMillis() + 50000));

certGen.setSubjectDN(new X509Principal(attrs));

certGen.setPublicKey(pubKey);

certGen.setSignatureAlgorithm("MD5WithRSAEncryption");


try

{

X509Certificate cert = certGen.generateX509Certificate(privKey);

About | Sitemap | Contact