当我尝试使用证书转换字符串时,会引发exception

我有一个applet,用于签署文档,并将文档,签名和证书发送到服务器端。 在服务器端portlet接收这3个文件,所有文件都以base64格式存储,但是当我尝试获取证书时它会引发exception 

java.security.cert.CertificateException: Could not parse certificate: java.io.IOException: Empty input at sun.security.provider.X509Factory.engineGenerateCertificate(X509Factory.java:104)

applet边码: 

 public static byte[] certificate; public static String getCertificateString() { String str = ""; byte[] result = null; result = Base64.encode(certificate); for (int i = 0; i < result.length; i++) { str += (char) (result[i]); } return str; } //initialization of certificate from the store Certificate cert = store.getCertificate(aliasKey); certificate = cert.toString().getBytes();

在此之后,我将证书发送到portlet,需要validation标志。 但证书转换失败。

portlet代码: 

 String certificate = request.getParameter("cert"); byte[] cert_array = Base64.decode(certificate.getBytes()); try { cert = CertificateFactory.getInstance("X509").generateCertificate(new ByteArrayInputStream(cert_array)); }catch(Exception e){ e.printStackTrace(); }

此时,在try块中,引发了exception

好的,@ test1604你试试这样的东西,是实现X509TrustManager类,好的,我们走吧: 

 import java.security.cert.CertificateException; import java.security.cert.X509Certificate; public class YouNameClass implements X509TrustManager {... public YouNameClass() { super(); } }

并添加此方法, 

 private static void trustAllHttpsCertificates() throws Exception { // Create a trust manager that does not validate certificate chains: javax.net.ssl.TrustManager[] trustAllCerts = new javax.net.ssl.TrustManager[1]; javax.net.ssl.TrustManager tm = new YouNameClass(); trustAllCerts[0] = tm; javax.net.ssl.SSLContext sc = javax.net.ssl.SSLContext.getInstance("SSL"); sc.init(null, trustAllCerts, null); javax.net.ssl.HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); }

和方法覆盖: 

  @Override public void checkClientTrusted(X509Certificate[] arg0, String arg1) throws CertificateException { return; } @Override public void checkServerTrusted(X509Certificate[] arg0, String arg1) throws CertificateException { return; } @Override public X509Certificate[] getAcceptedIssuers() { return null; }

而已。 🙂

不要相信所有证书。 那是非常危险的。 如果你这样做,你也可以不使用HTTPS,只使用HTTP

Interesting Posts

POJO的交易

一个在某个网站上搜索的java程序

是否有标准的Java实用程序在运行时解析XSD文件?

什么是实现JSR-353(JSON)的API

使用JPA表独占锁定

如何暂停main()直到所有其他线程都死掉?

网络订单简称(Java)

通过查询来hibernate多对多数据检索

SVG到Java Graphics2D

将字节数组插入blob列