The most common way to generate a self-signed certificate is with the Java keytool.
There may be situations where you want to create self-signed certificates programmatically. One way to do this is through the Bouncy Castle API.
To start, you need the Bouncy Castle jar on your classpath. (You can download it from here)
Steps to generate the self-signed certificate and its key:
1. Create a public/private key pair for the new certificate
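// Requires: import java.security.*;
// Use at least 2048 bits; 1024-bit RSA is no longer considered secure
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
keyPairGenerator.initialize(2048, new SecureRandom());
KeyPair keyPair = keyPairGenerator.generateKeyPair();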
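2. Create the new certificate structure
// GENERATE THE X509 CERTIFICATE
// Requires: java.math.BigInteger, java.util.Date, java.security.cert.X509Certificate,
// org.bouncycastle.jce.X509Principal, org.bouncycastle.x509.X509V3CertificateGenerator
// Note: X509V3CertificateGenerator is deprecated in later Bouncy Castle releases
// in favour of X509v3CertificateBuilder.
X509V3CertificateGenerator v3CertGen = new X509V3CertificateGenerator();
v3CertGen.setSerialNumber(BigInteger.valueOf(System.currentTimeMillis()));
// Issuer and subject are identical because the certificate is self-signed
v3CertGen.setIssuerDN(new X509Principal("CN=cn, O=o, L=L, ST=il, C= c"));
// Valid from one day ago until ten years from now
v3CertGen.setNotBefore(new Date(System.currentTimeMillis() - 1000L * 60 * 60 * 24));
v3CertGen.setNotAfter(new Date(System.currentTimeMillis() + (1000L * 60 * 60 * 24 * 365*10)));
v3CertGen.setSubjectDN(new X509Principal("CN=cn, O=o, L=L, ST=il, C= c"));
v3CertGen.setPublicKey(keyPair.getPublic());
v3CertGen.setSignatureAlgorithm("SHA256WithRSAEncryption");
// Sign the certificate with the private half of the same key pair
X509Certificate cert = v3CertGen.generateX509Certificate(keyPair.getPrivate());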
3. Store the Certificate with the private key
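// Requires: java.io.File, java.io.FileOutputStream, java.security.KeyStore
KeyStore keyStore = KeyStore.getInstance("JKS");
keyStore.load(null, null); // initialise an empty keystore
keyStore.setKeyEntry("YOUR_CERTIFICATE_NAME", keyPair.getPrivate(), "YOUR_PASSWORD".toCharArray(), new java.security.cert.Certificate[]{cert});
File file = new File(".", "keystore.test");
try (FileOutputStream out = new FileOutputStream(file)) {
    keyStore.store(out, "YOUR_PASSWORD".toCharArray());
}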
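The same three steps written against Bouncy Castle's newer X509v3CertificateBuilder API, followed by a reload of the keystore that verifies the stored certificate's self-signature. This is an added example, not the author's code: the class name and subject DN are constructed, the alias and password are the page's placeholders, and it assumes both the bcprov and bcpkix jars are on the classpath.

```java
import java.io.*;
import java.math.BigInteger;
import java.security.*;
import java.security.cert.X509Certificate;
import java.util.Date;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder;
import org.bouncycastle.operator.ContentSigner;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
// Added example; SelfSignedKeystoreExample is a hypothetical class name.
public class SelfSignedKeystoreExample {
    public static void main(String[] args) throws Exception {
        char[] password = "YOUR_PASSWORD".toCharArray(); // placeholder from the page
        String alias = "YOUR_CERTIFICATE_NAME";          // placeholder from the page
        // Step 1: key pair
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048, new SecureRandom());
        KeyPair keyPair = kpg.generateKeyPair();
        // Step 2: certificate whose issuer equals its subject, signed by its own key
        X500Name name = new X500Name("CN=example.test, O=Example, C=US"); // constructed DN
        long now = System.currentTimeMillis(), day = 1000L * 60 * 60 * 24;
        ContentSigner signer =
                new JcaContentSignerBuilder("SHA256withRSA").build(keyPair.getPrivate());
        X509CertificateHolder holder = new JcaX509v3CertificateBuilder(
                name, BigInteger.valueOf(now), new Date(now - day), new Date(now + 3650 * day),
                name, keyPair.getPublic()).build(signer);
        X509Certificate cert = new JcaX509CertificateConverter().getCertificate(holder);
        // Step 3: store the private key with its certificate chain
        KeyStore keyStore = KeyStore.getInstance("JKS");
        keyStore.load(null, null);
        keyStore.setKeyEntry(alias, keyPair.getPrivate(), password,
                new java.security.cert.Certificate[]{cert});
        File file = new File(".", "keystore.test");
        try (FileOutputStream out = new FileOutputStream(file)) { keyStore.store(out, password); }
        // Check: reload from disk and confirm the entry is a valid self-signed certificate
        KeyStore reloaded = KeyStore.getInstance("JKS");
        try (FileInputStream in = new FileInputStream(file)) { reloaded.load(in, password); }
        X509Certificate stored = (X509Certificate) reloaded.getCertificate(alias);
        stored.checkValidity();               // throws if outside notBefore/notAfter
        stored.verify(stored.getPublicKey()); // throws if not signed by its own key
        if (!stored.getSubjectX500Principal().equals(stored.getIssuerX500Principal()))
            throw new IllegalStateException("issuer and subject differ");
        System.out.println("Stored self-signed certificate for " + stored.getSubjectX500Principal());
    }
}
```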
I have uploaded the tutorial over here.
Thanks for suggesting and explaining all the steps to create self signed certificates programmatically. You have also uploaded the tutorial that will help me to understand the complete process in a more clear way.