Warning: file_get_contents(/data/phpspider/zhask/data//catemap/9/java/356.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181

Warning: file_get_contents(/data/phpspider/zhask/data//catemap/9/ssl/3.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
从Java中的PEM格式文件中提取多个X.509证书_Java_Ssl_Certificate_Bouncycastle_X509 - Fatal编程技术网
Fatal编程技术网
  • java/
  • 从Java中的PEM格式文件中提取多个X.509证书

从Java中的PEM格式文件中提取多个X.509证书

java ssl certificate

从Java中的PEM格式文件中提取多个X.509证书,java,ssl,certificate,bouncycastle,x509,Java,Ssl,Certificate,Bouncycastle,X509,我有一个方法,使用bouncycastle库从给定的PEM格式文件中提取X.509证书 进口: import java.io.File; import java.io.FileInputStream; import java.io.IOException; import java.io.InputStream; import java.io.InputStreamReader; import java.security.cert.CertificateException; import java

我有一个方法,使用bouncycastle库从给定的PEM格式文件中提取X.509证书

进口:

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.openssl.PEMParser;
方法:

/**
 * Reads an X509 certificate from a PEM file.
 *
 * @param certificateFile The PEM file.
 * @return the X509 certificate, or null.
 * @throws IOException if reading the file fails
 * @throws CertificateException if parsing the certificate fails
 */
public static X509Certificate readCertificatePEMFile(File certificateFile) throws IOException, CertificateException {
    if (certificateFile.exists() && certificateFile.canRead()) {
        try (InputStream inStream = new FileInputStream(certificateFile)) {
            try (PEMParser pemParser = new PEMParser(new InputStreamReader(inStream))) {
                Object object = pemParser.readObject();
                if (object != null && object instanceof X509CertificateHolder) {
                    return new JcaX509CertificateConverter().getCertificate( (X509CertificateHolder)object );
                }
            }
        }
    }
    return null;
}
这适用于“普通”证书文件,例如服务器证书。
如果我有一个CA链证书文件,其中包含多个证书,我如何从该文件中提取所有证书(显示的方法仅提取文件中的第一个证书)。

试试这段代码,它可以处理多个证书和私钥条目im PEM文件

Security.addProvider(new BouncyCastleProvider());
JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider("BC");
while((object = pemParser.readObject())!=null)
{
    if(object instanceof X509CertificateHolder)
    {
        X509Certificate x509Cert = (X509Certificate) new JcaX509CertificateConverter().getCertificate((X509CertificateHolder) object);
    }
    else if(object instanceof PEMEncryptedKeyPair)
    {
        if(password==null) throw new IllegalArgumentException("Password required for parsing RSA Private key");

        PEMDecryptorProvider decProv = new JcePEMDecryptorProviderBuilder().build(password.toCharArray());
        converter.getKeyPair(((PEMEncryptedKeyPair) object).decryptKeyPair(decProv));
    }
    else if(object instanceof PEMKeyPair)
    {
        converter.getKeyPair((PEMKeyPair) object);
    }     
}
您是否尝试调用
pemParser.readObject()多次,直到
对象
为空?