我该如何格式化BouncyCastle创建的X509证书中SubjectAlternativeName的IP地址?
[英]How must I format IP Address for SubjectAlternativeName in X509 certificate created by BouncyCastle?
问题描述
I use BouncyCastle to generate certificats. 
我使用BouncyCastle生成证书。 Now I want to add some SubjectAlternativeName , just like: 现在,我想添加一些SubjectAlternativeName ,就像:
...
ArrayList namesList = new ArrayList();
namesList.add(new GeneralName(GeneralName.dNSName, "*.test"));
namesList.add(new GeneralName(GeneralName.iPAddress, "127.0.0.1"));
namesList.add(new GeneralName(GeneralName.rfc822Name, "zoltar@spkac.spectra.org"));
GeneralNames subjectAltNames = new GeneralNames(new DERSequence((GeneralName[])namesList.toArray(new GeneralName [] {})));
new_cert.addExtension(X509Extensions.SubjectAlternativeName, false, subjectAltNames);
...
Program executes without exception, but then I cannot see "IP Address". 程序无一例外地执行,但随后我看不到“ IP地址”。 With openssl I see: 使用openssl我看到:
...
DNS:*.test, IP Address:<invalid>, email:zoltar@spkac.spectra.org
...
What is the correct form of IP address in call of GeneralName(GeneralName.iPAddress, ...)) ? 调用GeneralName(GeneralName.iPAddress, ...)) IP地址的正确格式是什么?
1 个解决方案
解决方案1
0 已采纳 2017-05-05 06:09:30
I think it was problem with very old BouncyCastle library. 我认为这是非常古老的BouncyCastle库的问题。 Application used version 1.39 from year 2008. So I upgraded BC to version 1.56 (December 2016) and rewrote application because BC changed some API. 应用程序从2008年开始使用1.39版。因此,我将BC升级到1.56版(2016年12月),并重写了应用程序,因为BC更改了一些API。 Now I see: 现在我明白了:
DNS:*.test, IP Address:127.0.0.1, email:zoltar@spkac.spectra.org
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.