How to create a X509 certificate using Java?

by

For JDK versions <17, you can also generate a certificate using only JDK classes. The disadvantage is that you have to use two classes from the sun.security.x509 package.
The code would be:

KeyStore keyStore = ... // your keystore

// generate the certificate
// first parameter  = Algorithm
// second parameter = signrature algorithm
// third parameter  = the provider to use to generate the keys (may be null or
//                    use the constructor without provider)
CertAndKeyGen certGen = new CertAndKeyGen("RSA", "SHA256WithRSA", null);
// generate it with 2048 bits
certGen.generate(2048);

// prepare the validity of the certificate
long validSecs = (long) 365 * 24 * 60 * 60; // valid for one year
// add the certificate information, currently only valid for one year.
X509Certificate cert = certGen.getSelfCertificate(
   // enter your details according to your application
   new X500Name("CN=My Application,O=My Organisation,L=My City,C=DE"), validSecs);

// set the certificate and the key in the keystore
keyStore.setKeyEntry(certAlias, certGen.getPrivateKey(), null, 
                        new X509Certificate[] { cert });

Retrieve the private key from the key store to encrypt or decrypt data.
Based on the code is from http://www.pixelstech.net/article/1408524957-Generate-cetrificate-in-Java—-3

More Related Contents:

  1. Trusting all certificates using HttpClient over HTTPS
  2. How to import a .cer certificate into a java keystore?
  3. why doesn’t java send the client certificate during SSL handshake?
  4. Getting RSA private key from PEM BASE64 Encoded private key file
  5. How to properly import a selfsigned certificate into Java keystore that is available to all Java applications by default?
  6. How to resolve Java UnknownHostKey, while using JSch SFTP library?
  7. How to fix the “java.security.cert.CertificateException: No subject alternative names present” error?
  8. PKIX path building failed: unable to find valid certification path to requested target
  9. How to extract CN from X509Certificate in Java?
  10. Importing the private-key/public-certificate pair in the Java KeyStore [duplicate]
  11. How to programmatically set the SSLContext of a JAX-WS client?
  12. Loading raw 64-byte long ECDSA public key in Java
  13. How can I get a list of trusted root certificates in Java?
  14. How to ignore PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException?
  15. What is the certificate enrollment process?
  16. How to convert .pfx file to keystore with private key?
  17. How to convert certificate from PEM to JKS?
  18. How do I sign a Java applet for use in a browser?
  19. PKIX path building failed in Java application
  20. How do I do TLS with BouncyCastle?
  21. How to get server certificate chain then verify it’s valid and trusted in Java
  22. Generating X509 Certificate using Bouncy Castle Java
  23. Self signed X509 Certificate with Bouncy Castle in Java
  24. Creating an X509 Certificate in Java without BouncyCastle?
  25. Wrong version of keystore on android call
  26. How to make HTTPS GET call with certificate in Rest-Assured java
  27. How to sign string with private key
  28. PKCS12 Java Keystore from CA and User certificate in java
  29. Generate Subject Hash of X509Certificate in Java
  30. Can we load multiple Certificates & Keys in a Key Store?

Leave a Comment