1. java客户端怎么访问带有pfx格式证书的https网站(服务器)呢,
使用HttpURLConnection访问https地址。
以下是导入JKS证书的方式,可以参考。
Stringkeystorefile="file";
Stringkeystorepw="password";
Stringkeypw="password";
KeyStorekeystore=KeyStore.getInstance("JKS");
keystore.load(newFileInputStream(keystorefile),keystorepw.toCharArray());
=KeyManagerFactory.getInstance("SunX509");
keymanagerfactory.init(keystore,keypw.toCharArray());
KeyManagerakeymanager[]=keymanagerfactory.getKeyManagers();
=TrustManagerFactory.getInstance("SunX509");
trustmanagerfactory.init(keystore);
TrustManageratrustmanager[]=trustmanagerfactory.getTrustManagers();
sslcontext=SSLContext.getInstance("TLS");
sslcontext.init(akeymanager,atrustmanager,null);
sslSocketFactory=sslcontext.getSocketFactory();
Stringurl="asdfdf";
URLtestURL=newURL(url);
=(HttpURLConnection)testURL.openConnection();
if(){
HttpsURLConnectionconn=(HttpsURLConnection)urlConnection;
conn.setSSLSocketFactory(sslSocketFactory);
}
2. Java如何读取PFX密钥文件
package com.Jinhill;
import java.io.*;
import java.util.*;
import java.security.*;
import java.security.cert.Certificate;
public class ReadPFX {
public ReadPFX (){
}
//转换成十六进制字符串
public static String Byte2String(byte[] b) {
String hs="";
String stmp="";
for (int n=0;n<b.length;n++) {
stmp=(java.lang.Integer.toHexString(b[n] & 0XFF));
if (stmp.length()==1) hs=hs+"0"+stmp;
else hs=hs+stmp;
//if (n<b.length-1) hs=hs+":";
}
return hs.toUpperCase();
}
public static byte[] StringToByte(int number) {
int temp = number;
byte[] b=new byte[4];
for (int i=b.length-1;i>-1;i--){
b[i] = new Integer(temp&0xff).byteValue();//将最高位保存在最低位
temp = temp >> 8; //向右移8位
}
return b;
}
private PrivateKey GetPvkformPfx(String strPfx, String strPassword){
try {
KeyStore ks = KeyStore.getInstance("PKCS12");
FileInputStream fis = new FileInputStream(strPfx);
// If the keystore password is empty(""), then we have to set
// to null, otherwise it won't work!!!
char[] nPassword = null;
if ((strPassword == null) || strPassword.trim().equals("")){
nPassword = null;
}
else
{
nPassword = strPassword.toCharArray();
}
ks.load(fis, nPassword);
fis.close();
System.out.println("keystore type=" + ks.getType());
// Now we loop all the aliases, we need the alias to get keys.
// It seems that this value is the "Friendly name" field in the
// detals tab <-- Certificate window <-- view <-- Certificate
// Button <-- Content tab <-- Internet Options <-- Tools menu
// In MS IE 6.
Enumeration enumas = ks.aliases();
String keyAlias = null;
if (enumas.hasMoreElements())// we are readin just one certificate.
{
keyAlias = (String)enumas.nextElement();
System.out.println("alias=[" + keyAlias + "]");
}
// Now once we know the alias, we could get the keys.
System.out.println("is key entry=" + ks.isKeyEntry(keyAlias));
PrivateKey prikey = (PrivateKey) ks.getKey(keyAlias, nPassword);
Certificate cert = ks.getCertificate(keyAlias);
PublicKey pubkey = cert.getPublicKey();
System.out.println("cert class = " + cert.getClass().getName());
System.out.println("cert = " + cert);
System.out.println("public key = " + pubkey);
System.out.println("private key = " + prikey);
return prikey;
}
catch (Exception e)
{
e.printStackTrace();
}
return null;
}
}
3. pfx证书文件能直接使用吗
不能直接使用pfx证书的,
需要去java网站上下一个keytools工具,导入pfx证书后才能使用。cer和pfx是成对的,你做了个cer的话必然会同时生成一个pfx,不晓得你的cer是怎么做的。一般来说是这样的,你先用一些工具,比如刚才说的java的keytools,或者IIS生成一个密钥请求crs,然后把这个crs发送给密钥发放的CA,你可以自己搭一个CA或者去买一个,CA会再发给你一个确认后的证书,你再使用这个确认后的cer来结束证书申请过程,最终得到一个私钥和一个密钥
4. pfx格式文件如何打开如题 谢谢了
pfx可能是证书的备份文件,这时可双击相关文件即可导入证书,如果要求输入密码,则输入当初设定的密码即可。
5. 数字证书文件格式cer和pfx的区别 / 蓝讯
Windows IIS下的数字证书格式一般为。pfx
Java tomcat 下的数字证书格式一般为.jks或.store
Apache和nginx一般是.pem
证书请求文件一般是.csr
证书公钥文件一般是.cer或.crt
证书私钥文件一般是.key
可以到易维信【evtrust】申请数字签名证书或者代码签名证书