Generate PKCS12 file using Java

java jce pkcs#12
vwfziwl picture vwfziwl · Dec 7, 2011 · Viewed 8.5k times · Source

I need to generate a PKCS12 file using Java. Actually, I need to automate the following certificate generation using openssl (the ca was created previously and is not pretended to automate its creation):

openssl genrsa -out client.key 2048

openssl req -new -key client.key -out client.csr

openssl ca -keyfile ca.key -cert ca.crt -out client.crt -policy policy_anything -infiles client.csr

openssl pkcs12 -export -in client.crt -inkey client.key -out client.p12 -name client

I want to know if it's possible to perform this without using Bouncycastle or similar libraries, just only JCE, because I didn't find any info related with the PKCS12 generation.

Answer

Robert picture Robert · Dec 7, 2011

Creating a PKCS#12 is easy - that can be done by writing KeyStore "PKCS12" instance, add the certificate and keys and then save it to a file using the store(...) method.

The rest is a bit more problematic.

Related questions

Reading pkcs12 certificate information

I have a problem with reading certificate information. I want to read full information using java with bouncycastle library in Android programmatically. Now, i'm just using keytool command in console: >keytool -list -keystore 1.p12 -storetype pkcs12 -v Any suggestions?

Read More
Trust Store vs Key Store - creating with keytool

I understand that the keystore would usually hold private/public keys and the trust store only public keys (and represents the list of trusted parties you intend to communicate with). Well, that's my first assumption, so if that's not correct, …

Read More
Hash String via SHA-256 in Java

By looking around here as well as the internet in general, I have found Bouncy Castle. I want to use Bouncy Castle (or some other freely available utility) to generate a SHA-256 Hash of a String in Java. Looking at …

Read More