0

I want to make this openssl statement in java possible with (for example with bouncy castle) 

openssl req -new -sub "newsub" -key dummy_key.pem -out request.pem

All examples which i found are creating some keypair. i want to use existing one in my java code!

And then i want to generate a self signed crt with openssl i would do this:

openssl x509 -req -CAkey "ca_cert_key" -CA "ca_cert" -days 365 -set_serial "serial" -extfile tempclient.info -in request.pem -out cert.pem

I would be happy for any help!

Mira Mira
  • 1,385
  • 3
  • 11
  • 18
  • 1
    Yes, it is possible. You have several examples to generate the CSR http://stackoverflow.com/questions/20532912/generating-the-csr-using-bouncycastle-api and sign it http://stackoverflow.com/questions/7230330/sign-csr-using-bouncy-castle. The final code depends on the bouncycastle specific version. Also you have to deal with certificate formats. There is a lot of code involved. I suggest try it and come back with specific doubts – pedrofb Aug 03 '16 at 19:21

1 Answers1

-3

example to create a self-signed certificate (just search for it a little) https://gist.github.com/alessandroleite/fa3e763552bb8b409bfa

and yes, you need a keypair for it, your first openssl command effective creates one

Edit: a little "googling" around will reveal for example this post. To get the CSR content, you can 

call csr.getEncoded();
Community
  • 1
  • 1
gusto2
  • 11,210
  • 2
  • 17
  • 36
  • You should read carefully. Your example does not create or use a CSR to generate the certificate as @MiraMira needs. And the command `openssl req -key dummy_key.pem` uses a key conained in a file, not creates a new keypair. See doc https://wiki.openssl.org/index.php/Command_Line_Utilities#Certificate_Request_.2F_pkcs10_.2F_req – pedrofb Aug 03 '16 at 19:18
  • indeed, I usually use the "req" functionality along creating a new key (there's a parameter for it), For the CSR - I will edit the answer. – gusto2 Aug 04 '16 at 07:20