 

Creating a Certificate in Java

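import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.math.BigInteger;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.util.Date;

import sun.security.x509.AlgorithmId;
import sun.security.x509.CertificateAlgorithmId;
import sun.security.x509.CertificateIssuerName;
import sun.security.x509.CertificateSerialNumber;
import sun.security.x509.CertificateSubjectName;
import sun.security.x509.CertificateValidity;
import sun.security.x509.X500Name;
import sun.security.x509.X509CertImpl;
import sun.security.x509.X509CertInfo;

/**
 * Re-issues a certificate that already exists in a JKS keystore so that it is signed by a CA key
 * held in the same keystore, then stores the result under a new alias.
 *
 * <p>The listing relies on {@code sun.security.x509}, an internal and unsupported JDK API. It may
 * be inaccessible or different on newer JDKs; treat this as a teaching example rather than
 * production issuance code.
 *
 * <p>Only the validity, serial number, issuer and signature algorithm are replaced. Every other
 * field and extension of the original certificate is carried over unchanged, so review them
 * (for example basic constraints and key identifiers) before trusting the output.
 */
public class MainClass {
  /**
   * Signature algorithm used both inside the certificate body and for the actual signature.
   * MD5-based signatures are collision-prone and rejected by current validators, so SHA-256 is
   * used. Assumes the CA key is RSA, as the original MD5WithRSA listing did.
   */
  private static final String SIGNATURE_ALGORITHM = "SHA256withRSA";

  /** Number of random bits in the serial number; stays within the 20-octet limit of RFC 5280. */
  private static final int SERIAL_NUMBER_BITS = 128;

  /** Lifetime of the issued certificate: 365 days, in milliseconds. */
  private static final long VALIDITY_MILLIS = 365 * 24 * 60 * 60 * 1000L;

  /**
   * Loads the keystore, signs the certificate stored under {@code cert} with the key stored under
   * {@code caAlias}, and writes the keystore back to the same file.
   *
   * @param args unused
   * @throws Exception if the keystore cannot be read or written, an alias is missing, or signing
   *     fails
   */
  public static void main(String[] args) throws Exception {
    String keystoreFile = "keyStoreFile.bin";
    String caAlias = "caAlias";
    String certToSignAlias = "cert";
    String newAlias = "newAlias";

    // Demo values only. Real code must not embed keystore or key passwords in source; read them
    // at run time (console prompt, secret store) and give the CA key its own password.
    char[] password = new char[] {'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h'};
    char[] caPassword = new char[] {'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h'};
    char[] certPassword = new char[] {'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h'};

    KeyStore keyStore = KeyStore.getInstance("JKS");
    // try-with-resources closes the stream even when load() throws.
    try (FileInputStream input = new FileInputStream(keystoreFile)) {
      keyStore.load(input, password);
    }

    // CA material: the private key signs, the certificate's subject becomes the new issuer.
    PrivateKey caPrivateKey = (PrivateKey) keyStore.getKey(caAlias, caPassword);
    java.security.cert.Certificate caCert = keyStore.getCertificate(caAlias);
    if (caPrivateKey == null || caCert == null) {
      throw new IllegalStateException("Keystore has no key entry for CA alias: " + caAlias);
    }
    X509CertImpl caCertImpl = new X509CertImpl(caCert.getEncoded());
    X509CertInfo caCertInfo =
        (X509CertInfo) caCertImpl.get(X509CertImpl.NAME + "." + X509CertImpl.INFO);
    X500Name issuer =
        (X500Name) caCertInfo.get(X509CertInfo.SUBJECT + "." + CertificateSubjectName.DN_NAME);

    // Certificate to re-issue, together with the private key that belongs to it.
    java.security.cert.Certificate cert = keyStore.getCertificate(certToSignAlias);
    PrivateKey privateKey = (PrivateKey) keyStore.getKey(certToSignAlias, certPassword);
    if (privateKey == null || cert == null) {
      throw new IllegalStateException("Keystore has no key entry for alias: " + certToSignAlias);
    }
    X509CertImpl certImpl = new X509CertImpl(cert.getEncoded());
    X509CertInfo certInfo =
        (X509CertInfo) certImpl.get(X509CertImpl.NAME + "." + X509CertImpl.INFO);

    Date firstDate = new Date();
    Date lastDate = new Date(firstDate.getTime() + VALIDITY_MILLIS);
    certInfo.set(X509CertInfo.VALIDITY, new CertificateValidity(firstDate, lastDate));

    // A timestamp-derived 32-bit serial is predictable and can repeat; use CSPRNG output instead.
    // Adding one keeps the value strictly positive, as RFC 5280 requires.
    BigInteger serial =
        new BigInteger(SERIAL_NUMBER_BITS, new SecureRandom()).add(BigInteger.ONE);
    certInfo.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber(serial));

    certInfo.set(X509CertInfo.ISSUER + "." + CertificateIssuerName.DN_NAME, issuer);

    // The algorithm recorded in the certificate body must match the one passed to sign().
    AlgorithmId algorithm = AlgorithmId.get(SIGNATURE_ALGORITHM);
    certInfo.set(
        CertificateAlgorithmId.NAME + "." + CertificateAlgorithmId.ALGORITHM, algorithm);

    X509CertImpl newCert = new X509CertImpl(certInfo);
    newCert.sign(caPrivateKey, SIGNATURE_ALGORITHM);

    // The stored chain holds only the new certificate, as in the original listing.
    keyStore.setKeyEntry(
        newAlias, privateKey, certPassword, new java.security.cert.Certificate[] {newCert});

    // Overwrites the keystore in place; keep a backup if the file matters.
    try (FileOutputStream output = new FileOutputStream(keystoreFile)) {
      keyStore.store(output, password);
    }
  }
}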