Search in sources :

Example 1 with CertApiException

use of cn.topca.api.cert.CertApiException in project spring-cloud-digital-sign by SpringForAll.

the class Certificate method installIntoJKS.

@RequestMapping("/jks")
public String installIntoJKS() {
    /**
     * 服务端生成证书,并保存成Pfx文件格式 *
     */
    String userName = "test_ca_002";
    String userEmail = "test@szitrus.com.cn";
    /**
     * 扩展字段是针对证书做扩展,即在证书的属性内增加如下内容,详细请联系天威诚信技术做解答 *
     */
    // String userAdditionalField1 = "";
    // String userAdditionalField2 = "";
    // String userAdditionalField3 = "";
    // String userAdditionalField4 = "";
    // String userAdditionalField5 = "";
    // String userAdditionalField6 = "";
    // String userAdditionalField7 = "";
    // String userAdditionalField8 = "";
    // String userAdditionalField9 = "";
    // String userAdditionalField10 = "";
    UserInfo userInfo = new UserInfo();
    // 证书名称
    userInfo.setUserName(userName);
    // 证书所有者Email
    userInfo.setUserEmail(userEmail);
    // userInfo.setUserAdditionalField1(userAdditionalField1); // 扩展字段1
    // userInfo.setUserAdditionalField2(userAdditionalField2); // 扩展字段2
    // userInfo.setUserAdditionalField3(userAdditionalField3); // 扩展字段3
    // userInfo.setUserAdditionalField4(userAdditionalField4); // 扩展字段4
    // userInfo.setUserAdditionalField5(userAdditionalField5); // 扩展字段5
    // userInfo.setUserAdditionalField6(userAdditionalField6); // 扩展字段6
    // userInfo.setUserAdditionalField7(userAdditionalField7); // 扩展字段7
    // userInfo.setUserAdditionalField8(userAdditionalField8); // 扩展字段8
    // userInfo.setUserAdditionalField9(userAdditionalField9); // 扩展字段9
    // userInfo.setUserAdditionalField10(userAdditionalField10); // 扩展字段10
    /**
     * 调用接口制作证书 *
     */
    String passCode = "";
    // 不设置证书有效期,默认读取services.properties的属性值
    Integer certValidity = 0;
    JSONObject jsonObject = new JSONObject();
    try {
        licenseUtil.registry();
        /**
         * 产生CSR(证书请求 即 p10) *
         */
        String certReqBuf = "";
        String csrType = "RSA1024";
        // keystore的alias名称
        String keystore = "demo.ks";
        if (csrType.equalsIgnoreCase("RSA1024")) {
            certReqBuf = CertStore.byName(keystore).genCsr(TCA.RSA1024).toBase64();
        } else if (csrType.equalsIgnoreCase("RSA2048")) {
            certReqBuf = CertStore.byName(keystore).genCsr(TCA.RSA2048).toBase64();
        } else {
            certReqBuf = CertStore.byName(keystore).genCsr(TCA.SM2).toBase64();
        }
        jsonObject = raService.enrollCertAA(userInfo, certReqBuf, passCode, certValidity);
        CertInfo certInfo = new CertInfo();
        if (jsonObject.get("certInfo") != null) {
            certInfo = (CertInfo) jsonObject.get("certInfo");
        }
        // 安装证书
        CertStore.installCert(certInfo.getCertSignBuf());
        // KeyStoreUtils.getPublicKeyAlias()
        System.out.println("当前申请的证书序列号是:[" + certInfo.getCertSerialNumber() + "]");
        System.out.println("当前存入JKS的证书别名为:[" + certInfo.getCertSerialnumberKmc() + "]");
    } catch (JSONException e) {
        e.printStackTrace();
    } catch (CertApiException e) {
        e.printStackTrace();
    }
    return "success";
}
Also used : CertInfo(com.liumapp.digitalsign.test.ca.tianwei.cert.CertInfo) CertApiException(cn.topca.api.cert.CertApiException) JSONObject(org.json.JSONObject) JSONException(org.json.JSONException) UserInfo(com.liumapp.digitalsign.test.ca.tianwei.user.UserInfo) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Aggregations

CertApiException (cn.topca.api.cert.CertApiException)1 CertInfo (com.liumapp.digitalsign.test.ca.tianwei.cert.CertInfo)1 UserInfo (com.liumapp.digitalsign.test.ca.tianwei.user.UserInfo)1 JSONException (org.json.JSONException)1 JSONObject (org.json.JSONObject)1 RequestMapping (org.springframework.web.bind.annotation.RequestMapping)1