Generating (PKCS12) certificate friendly name with Bouncy Castle in Java
I am using the bouncycastle library to create certificates and export them as PKCS12 certificate files on a Java webapp.
The code on my app to generate the certificate file is the same as in this page (see Step 5).
When I import the certificate into my store, what I see for the friendly name on my certificate is a combination of the user information and a really long identifier which always begins as the cons开发者_开发技巧tant contained in the following interface followed by a HEX string:
- org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers.pkcs_9
Removing the code that seems to be storing the friendly name has no effect on the app (see code bellow).
PKCS12BagAttributeCarrier bagCert = clientCert;
bagCert.setBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_friendlyName, new DERBMPString("My friendly name for the new certificate"));
bagCert.setBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_localKeyId, new SubjectKeyIdentifierStructure(pubKey));
I am using bouncycastle 1.45 for JDK5.
What I expect from my webapp is that it produces the string "My friendly name for the new certificate" as the certificate's friendly name.
精彩评论