I would like to create certificates programmatically instead of with the Java keytool.
For example, this is how I create a server certificate and would like to translate it into Java code:
```bash
keytool -v \
  -genkeypair \
  -dname "$SERVER_DN" \
  -keystore "$SERVER_DIR"/keystore.jks \
  -storepass "$SERVER_PW" \
  -keypass "$SERVER_PW" \
  -keyalg "EC" \
  -alias server \
  -validity 1825 \
  -deststoretype pkcs12 \
  -ext KU=digitalSignature,dataEncipherment,keyEncipherment,keyAgreement \
  -ext EKU=serverAuth \
  -ext SAN="$SERVER_SAN"
```
For creating a KeyStore I have found the library https://docs.oracle.com/en/java/javase/17/docs/api/java.base/java/security/KeyStore.html, and for creating a certificate I have found https://docs.oracle.com/en/java/javase/17/docs/api/java.base/java/security/cert/CertificateFactory.html#getInstance(java.lang.String).
I have tried to create a certificate as follows:
```kotlin
import io.quarkus.runtime.QuarkusApplication
import io.quarkus.runtime.annotations.QuarkusMain
import java.io.FileInputStream
import java.security.cert.CertificateFactory

@QuarkusMain
class Main : QuarkusApplication {
    override fun run(vararg args: String?): Int {
        val cf = CertificateFactory.getInstance("X.509")
        val cert = cf.generateCertificate(FileInputStream("/Users/developer/jvm/cert-bash/server.crt"))
        return 0
    }
}
```
and got an error:
```
2022-06-09 16:30:44,960 ERROR [io.qua.run.Application] (Quarkus Main Thread) Failed to start application (with profile dev): java.io.IOException: Empty input
```
The file is empty and I would like to write the generated certificate into the file.
Am I using cf.generateCertificate wrong?
Update

@Edu G suggested the solution in "How to create a X509 certificate using Java?", but I cannot find the library sun.security.tools.keytool.* on https://docs.oracle.com/en/java/javase/17/. Why?