堆栈内存溢出
  简体   繁体   English

从GUI创建自签名证书和密钥库

[英]Creating Self Signed Certificate and KeyStore from GUI

 原文  2014-06-06 11:34:40       java/ swing/ ssl

问题描述

We have an application locally hosted on which we create self signed certificate and keystore using java keytool command line utility in order to run the application over https. 我们有一个本地托管的应用程序,使用java keytool命令行实用程序在该应用程序上创建自签名证书和密钥库,以便通过https运行该应用程序。

We are now changing and wants to create keystore and self-signed certificate from a Graphical User interface. 现在,我们正在进行更改,并希望通过图形用户界面创建密钥库和自签名证书。 So is there any opensource tool available which can cater all the requirement or I have to develop this using Java Swings? 那么,有没有可用的开源工具可以满足所有需求,或者我必须使用Java Swings开发它?

Please suggest what is the best option. 请提出最佳选择。

2 个解决方案

解决方案1
 1  2014-06-06 13:06:49

As far as I know, there's nothing in the public API of the JRE to let you do this, but you can issue certificates using third-party libraries such as BouncyCastle. 据我所知,JRE的公共API中没有让您执行此操作的方法,但是您可以使用BouncyCastle等第三方库来颁发证书。 There is a snippet of code in this question to give you an example (although don't forget to read the question and its answer if you want to avoid that particular problem). 还有的代码片断这个问题,给你一个例子(但如果你想避免这种特殊问题不要忘了阅读问题和回答的)。 Of course, you can also look at the documentation for X509v3CertificateBuilder directly too. 当然,您也可以直接查看X509v3CertificateBuilder的文档。

It's not very difficult to use, but you may need to try multiple solutions first, to get to the point where you generate a certificate with the attributes and extensions you need. 使用起来不是很困难,但是您可能需要首先尝试多种解决方案,以使您可以生成具有所需属性和扩展名的证书。

It's worth keeping using keytool during development, to export and compare certificates. 值得在开发期间使用keytool来导出和比较证书。 Using openssl x509 -text ... to check the content of the certificates you're generating is also useful. 使用openssl x509 -text ...检查生成的证书的内容也很有用。

解决方案2
 1  2014-06-06 15:50:10

Use ProcessBuilder , illustrated here , to execute the required keytool command. 使用此处所示的ProcessBuilder来执行所需的keytool命令。 Use JPasswordField to let the user enter the required keystone password. 使用JPasswordField可以让用户输入所需的keystone密码。 Consider using the approach shown here with java-web-start and a self-signed certificate. 考虑将此处显示的方法与java-web-start和自签名证书一起使用。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 从openssl自签名证书文件创建Java密钥库 - Create a Java Keystore from a openssl Self-Signed certificate file 使用我的自签名证书创建KeyStore实例 - Create a KeyStore instance with my self signed certificate Java自签名证书和密钥库用法 - Java self signed certificate and keystore usage 以编程方式将自签名证书添加到密钥库/信任库 - Programmatically add a self-signed certificate to your keystore/truststore 用于SSL身份验证的自签名证书和客户端密钥库 - Self-signed Certificate and Client Keystore for SSL Authentication 在Java中创建密钥库文件(.jks)和自签名证书(.cer / .crt) - Create a keystore file (.jks) and a self signed certificate (.cer/.crt) in Java 如何使用自签名证书创建密钥库和信任库? - How to create keystore and truststore using self-signed certificate? 如何从签名证书创建信任库和密钥库? - How do I create truststore and keystore from the signed certificate? Java/Keystore 验证签名证书 - Java/Keystore Verify Signed certificate 使用BouncyCastle为java.security.Keystore生成自签名证书的简单方法 - Easy way to generate a self-signed certificate for java.security.Keystore using BouncyCastle
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM