How to generate a client certificate (PKCS12) in Java?

I

ingush2017-03-27 14:23:13

Java

ingush, 2017-03-27 14:23:13

Good afternoon
Guys, please help, I re-read all the docks, but I just can’t
figure it out How to generate self-signed certificates in runtime in Java. I found the bouncy castle library, but I just can’t
figure it out Or even like this: how in Java you can write such logic as in php:

private function generate_pkcs($secret) {
        $dn = [
            'countryName'   => 'RU',
            'commonName'    => 'client'
        ];

        $options = [
            'private_key_bits'    => 1024,
            'private_key_type'    => OPENSSL_KEYTYPE_RSA,
            'encrypt_key'         => FALSE
        ];

        $client_key = openssl_pkey_new($options);

        $csr = openssl_csr_new($dn, $client_key, $options);

        $serial = time();

        $client_crt = openssl_csr_sign($csr,  $server_crt, $server_key, 50000, $options, $serial);

        $out = NULL;
        openssl_pkcs12_export($client_crt, $out, $client_key, $secret);

        $result = [
            'serial'    => $serial,
            'pkcs12'    => $out
        ];

        return $result;

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

G

gosha-z, 2017-03-27
@gosha-z

To start reading here

M

mbto, 2017-03-27
@mbto

portecle-1.9
Portecle is a user friendly GUI application for creating, managing and examining key stores, keys, certificates, certificate requests, certificate revocation lists and more.