+-
我需要获得x509证书的序列号.使用“certificate.getSerialNumber()”的结果与预期的不同.当我看到X509证书文件规范时,它应该采用以下格式:
Certificate ::= SEQUENCE {
tbsCertificate TBSCertificate,
signatureAlgorithm AlgorithmIdentifier,
signatureValue BIT STRING }
TBSCertificate ::= SEQUENCE {
version [0] EXPLICIT Version DEFAULT v1,
serialNumber CertificateSerialNumber,
signature AlgorithmIdentifier,
issuer Name,
validity Validity,
subject Name,
subjectPublicKeyInfo SubjectPublicKeyInfo,
issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL,
-- If present, version shall be v2 or v3
subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL,
-- If present, version shall be v2 or v3
extensions [3] EXPLICIT Extensions OPTIONAL
-- If present, version shall be v3
}
我无法在文件的开头找到certificate.getSerialNumber()方法提供的值.
相关问题:当尝试使用openssl显示序列时,它从文件中获取正确的值,但在每个数字后添加“3”.
所以我的问题是:如何获取存储的序列值?在哪里阅读openssl和java为何以及如何修改此数据.
OPENSSL
运行:
openssl x509 -serial -noout -inform DER -in mycert.cer
结果:
serial=3030303031303030303030313030373439323639
JAVA
码:
InputStream in = new FileInputStream("mycert.cer");
BouncyCastleProvider provider = new BouncyCastleProvider();
CertificateFactory certificateFactory = CertificateFactory.getInstance("X509", provider);
X509Certificate certificate = (X509Certificate) certificateFactory.generateCertificate(in);
BigInteger serialNum = certificate.getSerialNumber();
System.out.println(serialNum);
输出:
275106190557734483187066766755592068430195471929
文件
查看文件,我看到:
0...0..r.......000010000001007492690
. *.H..
..
这似乎是序列号,由openssl提供,但openssl将它与’3’混合(在每个数字之后).
最佳答案
我遇到了与ruby相同的问题,并在java X509 serial number using java中找到了答案
对于那些想要ruby解决方案的人
serial = 275106190557734483187066766755592068430195471929
serial.to_s(16)
这将输出3030303031303030303030313030373439323639
点击查看更多相关文章
转载注明原文:java – 获取X509Certificate序列号 - 乐贴网