开发者

Creating a Cerificate for Bouncy Castle Encryption

开发者 https://www.devze.com 2022-12-27 17:57 出处:网络
I am trying to create a self-signed certificate to use for encrypting an email using bouncycaste. What would be the best way to generate a certificate?

I am trying to create a self-signed certificate to use for encrypting an email using bouncycaste.

What would be the best way to generate a certificate?

I have tried using openssl but I have had problems with certificate.

Here is the code I am using to encrypt, I am using 3des.

SMIMEEnvelopedGenerator gen = new开发者_如何学运维 SMIMEEnvelopedGenerator();
gen.addKeyTransRecipient(x509Cert); // adds an X509Certificate

MimeBodyPart encData = 
    gen.generate(mimeBodyPart, SMIMEEnvelopedGenerator.DES_EDE3_CBC, "BC");

EDIT: Sorry for being vauge but the error message I am getting doesn't seem to be very useful.

The message is as follows:

org.openas2.WrappedException: org.bouncycastle.mail.smime.SMIMEException:
 key invalid in message.

This is thrown when I call the SMIMEEnvelopedGenerator.generate method.

I am currently attaching the source code in Eclipse to see if I can get a more useful error message by stepping through the code.


I would use keytool or openssl to generate a self-signed certificate. If you are having problems then post them, don't just say you are having problems. If you want to generate the certificate from your java code use the org.bouncycastle.x509.X509V3CertificateGenerator class


You should be okay with openssl; this is the command I would use to generate a self-signed cert:

openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout mycert.pem -out mycert.pem

This will create a file called mycert.pem which contains both the private key and the self signed cert. Note in this example the key is unencrypted which is okay for testing purposes. Both key and cert are PEM encoded and include the standard header and footer lines.

0

精彩评论

暂无评论...
验证码 换一张
取 消