I am trying to build a network involving multiple clients and a single server, both written in Java. I am trying to find a way to automatically generate a CSR on the client side that can be sent to the server for a signed certificate. I have been able to generate a public/private keypair in Java but cannot figure out how to generate a CSR. Maybe I am looking at doing this the wrong way! Please help!
Asked
Active
Viewed 2,923 times
3
-
1Is your question about "certificate authority architecture", or is it "how do I create a CSR"? – Greg Hewgill Apr 02 '11 at 00:30
-
A little of both. I am assuiming a CA architecture that requires a CSR to be generated and sent to a server that will then generate a certificate that is sent back to the client. I am new to CA's so if there was a different way of handling certificate generation from a server other than CSR's I don't know about it. – Russ Apr 12 '11 at 17:08
2 Answers
2
Take a look at the end of this article. It explains how to use the BouncyCastle libraries to generate both a certificate and a PKCS#10 CSR. This should be all you need to get this working.
Shadowman
- 11,150
- 19
- 100
- 198
1
You might want take a look at the Bouncy Castle Crypto APIs to help you generate a CSR. They have documentation on how to go about it. Here's an example that requires Bouncy Castle. I came across KeyUtils.java that has a writeCertReq() method, however it depends on some internal sun.security imports instead (so it'll be limited to the Oracle/Sun JVM). I'm actually not aware of a way to do it with the standard JCE.
WhiteFang34
- 70,765
- 18
- 106
- 111