
I made a certificate generation software.

However, it can't save files successfully. The code in 'RootCertGenerator.java' should generate a 'rootCertificate.cer' file, and it does so successfully when run as plain Java.

But when I run 'generateRootCert.jsp' on Tomcat, it fails to generate the file.

please help me

--generateRootCert.jsp

<%-- Page whose only action is to call RootCertGenerator.execute(); the HTML body it renders is empty. --%>
<%@ page language="java" contentType="text/html; charset=EUC-KR"%>
<%-- NOTE(review): the java.sql.* and myPackage.Utils imports below are not referenced anywhere in this page. --%>
<%@ page import="java.sql.DriverManager" %>
<%@ page import="java.sql.Connection" %>
<%@ page import="java.sql.PreparedStatement" %>
<%@ page import="java.sql.Statement" %>
<%@ page import="java.sql.SQLException" %>
<%@ page import="java.sql.ResultSet" %>
<%@ page import="myPackage.Utils" %>
<%@ page import="myPackage.RootCertGenerator" %>

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=EUC-KR">
<title>Make root Certificate</title>
</head>
<% 
// Runs on every request to this page: execute() creates a new key pair and
// certificate, writes "rootCertificate.cer" and updates the database row.
// The file name passed inside execute() is relative, so the file is created
// in the working directory of the JVM running Tomcat, not in the webapp folder.
// NOTE(review): no access check is visible in this page; confirm the URL is
// protected elsewhere (web.xml constraint or filter), since each request
// replaces the stored root certificate.
RootCertGenerator.execute();
%>
<body>
</body>
</html>

--RootCertGenerator.java

package myPackage;

import java.io.ByteArrayOutputStream;
import java.io.FileOutputStream;
import java.io.FileWriter;
import java.io.OutputStreamWriter;
import java.io.PrintStream;
import java.io.StringWriter;
import java.math.BigInteger;
import java.security.*;
import java.security.cert.X509Certificate;
import java.util.Date;

import javax.security.auth.x500.X500Principal;

import org.bouncycastle.openssl.PEMWriter;
import org.bouncycastle.x509.X509V1CertificateGenerator;
//add 20130424
//import org.bouncycastle.jce.provider.BouncyCastleProvider;

//add 20130427
import java.sql.DriverManager;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.Statement;
import java.sql.SQLException;
import java.sql.ResultSet;


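/**
 * Basic X.509 V1 Certificate creation.
 *
 * <p>Generates a self-signed test certificate, writes it out in PEM form and stores a
 * textual copy of it in the {@code testca.testca_init} table.
 */
public class RootCertGenerator
{
    /** One week in milliseconds, kept as a {@code long} so a longer period cannot overflow {@code int}. */
    private static final long ONE_WEEK_MILLIS = 7L * 24 * 60 * 60 * 1000;

    /**
     * Builds a self-signed X.509 V1 certificate for the given key pair.
     *
     * <p>Issuer and subject are both {@code CN=Test Certificate}; the validity window runs
     * from one week before to one week after the moment of the call.
     *
     * @param pair key pair whose public key is certified and whose private key signs
     * @return the signed certificate
     * @throws InvalidKeyException if the private key cannot be used for signing
     * @throws NoSuchProviderException declared for callers; see the generator's contract
     * @throws SignatureException if signing fails
     */
    public static X509Certificate generateV1Certificate(KeyPair pair)
        throws InvalidKeyException, NoSuchProviderException, SignatureException
    {
        // Read the clock once so the serial number and both validity bounds agree.
        long now = System.currentTimeMillis();
        X500Principal name = new X500Principal("CN=Test Certificate");

        X509V1CertificateGenerator certGen = new X509V1CertificateGenerator();
        // NOTE(review): a clock-derived serial number is predictable; acceptable for a
        // test certificate, but use random serials for anything issued for real use.
        certGen.setSerialNumber(BigInteger.valueOf(now));
        certGen.setIssuerDN(name);
        certGen.setNotBefore(new Date(now - ONE_WEEK_MILLIS));
        certGen.setNotAfter(new Date(now + ONE_WEEK_MILLIS));
        certGen.setSubjectDN(name);
        certGen.setPublicKey(pair.getPublic());
        certGen.setSignatureAlgorithm("SHA256WithRSAEncryption");

        return certGen.generateX509Certificate(pair.getPrivate());
    }

    /**
     * Writes one object to an open PEM writer, encrypting it when a password is supplied.
     *
     * NOTE(review): "DESEDE" selects Triple-DES for the encrypted PEM form; confirm whether
     * the Bouncy Castle version in use offers a stronger cipher before relying on this to
     * protect private keys.
     */
    private static void writePem(PEMWriter pw, Object obj, char[] password) throws Exception
    {
        if (password != null && password.length > 0) {
            pw.writeObject(obj, "DESEDE", password, new SecureRandom());
        } else {
            pw.writeObject(obj);
        }
        pw.flush();
    }

    /**
     * PEM-encodes {@code obj} into the file {@code filename}.
     *
     * <p>A relative {@code filename} is resolved against the working directory of the JVM.
     * Inside a servlet container that is the container's start-up directory, not the web
     * application's folder, so pass an absolute path when the location matters.
     *
     * @param filename path of the file to create or overwrite
     * @param obj object to encode (for example a certificate or key)
     * @param password if non-empty, the object is written in encrypted form
     * @throws Exception if the file cannot be opened or the object cannot be encoded
     */
    public static void pemEncodeToFile(String filename, Object obj, char[] password) throws Exception{
        PEMWriter pw = new PEMWriter(new FileWriter(filename));
        try {
            writePem(pw, obj, password);
        } finally {
            // Close even when encoding fails so the file handle is not leaked.
            pw.close();
        }
    }

    /**
     * PEM-encodes {@code obj} and returns the text.
     *
     * <p>The previous version passed a {@code null} string to the writer and returned
     * {@code null}; the encoded text is now read back from the underlying buffer.
     *
     * @param obj object to encode
     * @param password if non-empty, the object is written in encrypted form
     * @return the PEM text
     * @throws Exception if the object cannot be encoded
     */
    public static String pemEncodeToString(Object obj, char[] password) throws Exception{
        StringWriter buffer = new StringWriter();
        PEMWriter pw = new PEMWriter(buffer);
        try {
            writePem(pw, obj, password);
        } finally {
            pw.close();
        }
        return buffer.toString();
    }

    /**
     * Stores {@code rootCert} in the {@code certificate} column of the {@code root} row.
     *
     * <p>Failures are reported on standard output and otherwise ignored, as before.
     *
     * @param rootCert certificate text to store
     */
    public static void rootCertUpdate(String rootCert)
    {
        // Bind the value as a parameter: concatenating it into the statement let any quote
        // character in the text change the SQL that was executed.
        String sql = "update testca.testca_init set certificate = ? where user_id='root'";
        try {
            Class.forName("com.mysql.jdbc.Driver");
        } catch (ClassNotFoundException e) {
            e.printStackTrace();
        }

        // NOTE(review): credentials are hard-coded and the connection uses the MySQL root
        // account. Move them to configuration kept outside source control (for example a
        // container-managed DataSource) and connect as an account limited to this table.
        String jdbcDriver = "jdbc:mysql://localhost:3306/";
        String dbUser = "root";
        String dbPass = "forgetmenot";

        try {
            Connection conn = DriverManager.getConnection(jdbcDriver, dbUser, dbPass);
            try {
                PreparedStatement stmt = conn.prepareStatement(sql);
                try {
                    stmt.setString(1, rootCert);
                    stmt.executeUpdate();
                } finally {
                    stmt.close();
                }
            } finally {
                // The original never closed the connection, leaking one per call.
                conn.close();
            }
        } catch (SQLException ex) {
            System.out.println("Error 2: " + ex);
        }
    }

    /**
     * Generates a key pair and a self-signed certificate, prints the certificate as PEM,
     * writes it to {@code rootCertificate.cer}, stores its text in the database and then
     * runs basic validity and signature checks.
     *
     * @throws Exception if key generation, encoding, file output or validation fails
     */
    public static void execute()
        throws Exception
    {
        Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());

        // NOTE(review): the private key of this pair is used for signing only and is not
        // written anywhere in this method; confirm that discarding it is intended.
        KeyPair pair = Utils.generateRSAKeyPair();
        X509Certificate cert = generateV1Certificate(pair);

        // Echo the PEM form to standard output. The writer is flushed but deliberately not
        // closed: closing it would close System.out for the whole JVM, which in a servlet
        // container silences the container's own console output as well.
        PEMWriter pemWrt = new PEMWriter(new OutputStreamWriter(System.out));
        pemWrt.writeObject(cert);
        pemWrt.flush();

        // Relative name: the file lands in the JVM's working directory (see pemEncodeToFile).
        pemEncodeToFile("rootCertificate.cer", cert, null);

        // Same text the earlier System.setOut capture produced (println of the certificate),
        // built directly so the process-wide standard output is never swapped while other
        // threads may be writing to it.
        // NOTE(review): this is the human-readable dump, not the PEM encoding; if the
        // column is meant to hold PEM, store pemEncodeToString(cert, null) instead.
        String certText = cert + System.getProperty("line.separator");
        System.out.println("Here: " + certText);

        rootCertUpdate(certText);

        // show some basic validation
        cert.checkValidity(new Date());
        cert.verify(cert.getPublicKey());

        System.out.println("valid certificate generated");
    }
}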

1 回答 1


在 Tomcat 中使用此类时,不应只提供证书的文件名 (rootCertificate.cer),还应提供要创建该文件的完整路径。相对路径会相对于 Tomcat 进程的当前工作目录解析,而不是相对于 Web 应用目录。

您可以修改下面这一行。把

pemEncodeToFile("rootCertificate.cer", cert, null);

改写成类似这样:

pemEncodeToFile("C:/servers/rootCertificate.cer", cert, null);

或者

pemEncodeToFile("C:\\servers\\rootCertificate.cer", cert, null);

该文件应会在上述路径中创建。请确保文件夹(在此示例中为 "servers")已经存在。您还可以给方法签名增加一个文件名参数,并在 JSP 中指定文件名;该文件名应由服务器端代码固定给出,而不要取自请求参数,以免文件被写到预期之外的路径。

于 2013-04-27T19:26:38.987 回答