在没有BouncyCastle的情况下用Java创建X509证书？

本文介绍了在没有BouncyCastle的情况下用Java创建X509证书？的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！ 问题描述

是否可以在不使用Bouncy Castle X509V * CertificateGenerator类的情况下巧妙地创建Java代码的X509证书？

Is it possible to sanely create an X509 Certificate in Java code without using the Bouncy Castle X509V*CertificateGenerator classes?

推荐答案

签署证书的能力不是标准Java库或扩展的一部分。

The ability to sign certificates is not part of a standard Java library or extension.

自己做的许多代码都是核心的一部分。有些类可以编码和解码X.500名称，X.509证书扩展，各种算法的公钥，当然还有实际执行数字签名的类。

A lot of the code that is needed to do it yourself is part of the core. There are classes to encode and decode X.500 names, X.509 certificate extensions, public keys for various algorithms, and of course, for actually performing the digital signature.

自己实现这个并不是微不足道的，但它绝对可行 - 我可能花了4到5天，这是我第一次为证书签名制作工作原型。这对我来说是一次梦幻般的学习练习，但是当有可用的免费图书馆时，很难证明这笔费用是合理的。

Implementing this yourself is not trivial, but it is definitely doable—I probably spent 4 or 5 full days the first time I made a working prototype for certificate signing. It was a fantastic learning exercise for me, but it's hard to justify that expense when there are usable libraries available for free.