Warning: file_get_contents(/data/phpspider/zhask/data//catemap/7/google-maps/4.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Java 颁发的证书不显示颁发者详细信息_Java_Security_Ssl_X509certificate_Bouncycastle - Fatal编程技术网
Fatal编程技术网
  • java/
  • Java 颁发的证书不显示颁发者详细信息

Java 颁发的证书不显示颁发者详细信息

java security ssl

Java 颁发的证书不显示颁发者详细信息,java,security,ssl,x509certificate,bouncycastle,Java,Security,Ssl,X509certificate,Bouncycastle,在我的应用程序中,我正在创建一个证书,并使用自签名CA进行签名。从代码中,我可以看到所有详细信息,如颁发者详细信息、有效性。 但是,在windows证书资源管理器的“证书路径”选项卡下查看颁发者时,颁发的证书不会显示颁发者详细信息。我做错了什么 提前谢谢 public void issueCertificate(KeyPair keypair, String cn, int days, KeyPurposeId purposeId) throws Exception {

在我的应用程序中,我正在创建一个证书,并使用自签名CA进行签名。从代码中,我可以看到所有详细信息,如颁发者详细信息、有效性。 但是,在windows证书资源管理器的“证书路径”选项卡下查看颁发者时,颁发的证书不会显示颁发者详细信息。我做错了什么

提前谢谢

public void issueCertificate(KeyPair keypair, String cn, int days,
        KeyPurposeId purposeId) throws Exception {

    if (keypair != null) {
        this.issuedKeyPair = keypair;
    } else {
        this.issuedKeyPair = generateRSAKeyPair();
    }

    PKCS10CertificationRequest request = generateCSR(issuedKeyPair, cn);

    X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();

    certGen.setSerialNumber(BigInteger.valueOf(System.currentTimeMillis()));
    certGen.setIssuerDN(caCertificate.getSubjectX500Principal());
    certGen.setNotBefore(new Date(System.currentTimeMillis()));
    certGen.setNotAfter(new Date(System.currentTimeMillis()
            + (1000L * 60 * 60 * 24 * days)));
    certGen.setSubjectDN(request.getCertificationRequestInfo().getSubject());
    certGen.setPublicKey(request.getPublicKey("BC"));
    certGen.setSignatureAlgorithm("SHA256WithRSAEncryption");

    certGen.addExtension(X509Extensions.AuthorityKeyIdentifier, false,
            new AuthorityKeyIdentifierStructure(caCertificate));
    certGen.addExtension(X509Extensions.SubjectKeyIdentifier, false,
            new SubjectKeyIdentifierStructure(request.getPublicKey("BC")));
    certGen.addExtension(X509Extensions.BasicConstraints, true,
            new BasicConstraints(false));
    certGen.addExtension(X509Extensions.KeyUsage, true, new KeyUsage(
            KeyUsage.digitalSignature | KeyUsage.keyEncipherment));
    certGen.addExtension(X509Extensions.ExtendedKeyUsage, true,
            new ExtendedKeyUsage(purposeId));

    ASN1Set attributes = request.getCertificationRequestInfo()
            .getAttributes();

    if (attributes != null) {
        for (int i = 0; i != attributes.size(); i++) {
            org.bouncycastle.asn1.pkcs.Attribute attr = org.bouncycastle.asn1.pkcs.Attribute
                    .getInstance(attributes.getObjectAt(i));

            if (attr.getAttrType().equals(
                    PKCSObjectIdentifiers.pkcs_9_at_extensionRequest)) {
                X509Extensions extensions = X509Extensions.getInstance(attr
                        .getAttrValues().getObjectAt(0));

                Enumeration e = extensions.oids();
                while (e.hasMoreElements()) {
                    DERObjectIdentifier oid = (DERObjectIdentifier) e
                            .nextElement();
                    X509Extension ext = extensions.getExtension(oid);

                    certGen.addExtension(oid, ext.isCritical(), ext
                            .getValue().getOctets());
                }
            }
        }
    }

    this.issuedCertificate = certGen.generate(caKeyPair.getPrivate());

}
你真的在证书上签了CA吗?我的猜测是否定的。另一个猜测是,您实际上需要使用CA签署证书才能获得“证书路径”。是的。我终于弄明白了真正的问题是什么。RootCA需要在信任商店中。谢谢你的回复。