Il codice seguente ha risolto il mio problema.
import java.security.PrivateKey;
import java.security.PublicKey;
import com.dds.security.KeyCreator;
import com.dds.security.KeyReader;
import com.dds.security.SecurityUtil;
import java.io.*;
import sun.security.x509.*;
import java.security.cert.*;
import java.security.*;
import java.math.BigInteger;
import java.nio.charset.Charset;
import java.util.Date;
/**
* Create a self-signed X.509 Certificate
* @param dn the X.509 Distinguished Name, eg "CN=Test, L=London, C=GB"
* @param pair the KeyPair
* @param days how many days from now the Certificate is valid for
* @param algorithm the signing algorithm, eg "SHA1withRSA"
*/
static X509Certificate generateCertificate(String dn, KeyPair pair, int days, String algorithm)
throws GeneralSecurityException, IOException
{
PrivateKey privkey = pair.getPrivate();
X509CertInfo info = new X509CertInfo();
Date from = new Date();
Date to = new Date(from.getTime() + days * 86400000l);
CertificateValidity interval = new CertificateValidity(from, to);
BigInteger sn = new BigInteger(64, new SecureRandom());
X500Name owner = new X500Name(dn);
info.set(X509CertInfo.VALIDITY, interval);
info.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber(sn));
info.set(X509CertInfo.SUBJECT, new CertificateSubjectName(owner));
info.set(X509CertInfo.ISSUER, new CertificateIssuerName(owner));
info.set(X509CertInfo.KEY, new CertificateX509Key(pair.getPublic()));
info.set(X509CertInfo.VERSION, new CertificateVersion(CertificateVersion.V3));
AlgorithmId algo = new AlgorithmId(AlgorithmId.sha1WithRSAEncryption_oid);
info.set(X509CertInfo.ALGORITHM_ID, new CertificateAlgorithmId(algo));
// Sign the cert to identify the algorithm that's used.
X509CertImpl cert = new X509CertImpl(info);
cert.sign(privkey, algorithm);
// Update the algorith, and resign.
algo = (AlgorithmId)cert.get(X509CertImpl.SIG_ALG);
info.set(CertificateAlgorithmId.NAME + "." + CertificateAlgorithmId.ALGORITHM, algo);
cert = new X509CertImpl(info);
cert.sign(privkey, algorithm);
return cert;
}
// This method writes a certificate to a file. If binary is false, the
// certificate is base64 encoded.
public static void export(java.security.cert.Certificate cert, File file, boolean binary) throws IOException {
System.out.println("Your file has been written");
try {
// Get the encoded form which is suitable for exporting
byte[] buf = cert.getEncoded();
FileOutputStream os = new FileOutputStream(file);
if (binary) {
// Write in binary form
os.write(buf);
} else {
// Write in text form
Writer wr = new OutputStreamWriter(os, Charset.forName("UTF-8"));
wr.write("-----BEGIN CERTIFICATE-----\n");
wr.write(new sun.misc.BASE64Encoder().encode(buf));
wr.write("\n-----END CERTIFICATE-----\n");
wr.flush();
}
os.close();
} catch (CertificateEncodingException e) {
} catch (IOException e) {
}
}
}