java通过command调用openssl生成私钥和证书

在windows环境下进行的测试,前提条件,windows上需要先安装openssl。

配置环境变量,查看版本:

 

 

import java.io.*;
import java.util.Properties;

public class OpensslCommand {
    private static void runCMD(String[] CMD) {
        java.lang.Process process = null;
        try {
            process = Runtime.getRuntime().exec(CMD);
            ByteArrayOutputStream resultOutStream = new ByteArrayOutputStream();
            InputStream errorInStream = new BufferedInputStream(process.getErrorStream());
            InputStream processInStream = new BufferedInputStream(process.getInputStream());
            int num = 0;
            byte[] bs = new byte[1024];
            while ((num = errorInStream.read(bs)) != -1) {
                resultOutStream.write(bs, 0, num);
            }
            while ((num = processInStream.read(bs)) != -1) {
                resultOutStream.write(bs, 0, num);
            }
            String result = new String(resultOutStream.toByteArray(), "gbk");
            System.out.println(result);
            errorInStream.close();
            processInStream.close();
            resultOutStream.close();
        } catch (IOException e) {
            e.printStackTrace();
        } finally {
            if (process != null) process.destroy();
        }
    }
    public static void main(String[] args) throws Exception {
        //需要指定openssl.exe路径
        //java生成私钥
        String[] cmdPrivateKey = {"cmd", "/C", "C:\\soft\\OpenSSL-Win64\\bin\\openssl.exe genrsa -out ca.key 2048"};
        //java生成证书请求
        String[] cmdCertificationReq = {"cmd", "/C", "C:\\soft\\OpenSSL-Win64\\bin\\openssl.exe req -new -key ca.key -out ca.csr -subj /C=CN"};
        //java生成证书
        String[] cmdCertification = {"cmd", "/C", "C:\\soft\\OpenSSL-Win64\\bin\\openssl.exe x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt"};
        runCMD(cmdPrivateKey);
        runCMD(cmdCertificationReq);
        runCMD(cmdCertification);
        Properties props=System.getProperties(); //系统属性
        System.out.println("用户的当前工作目录:"+props.getProperty("user.dir"));
    }
}

 

对应目录下可以生成:

 

 

其中,ca.crt是自签名证书文件。ca.key是私钥。ca.csr只是生成证书的中间请求,是用来指定一些信息,这边只指定国家为CN。

posted @ 2020-07-29 23:54  护花使者  Views(1475)  Comments(1Edit  收藏  举报