【发布时间】:2016-11-04 08:39:09
【问题描述】:
您好,我尝试针对另一个证书验证一个证书,并在读取第一个证书表单文件时出错:
//Get Public Key
BasicX509Credential publicCredential = new BasicX509Credential();
File publicKeyFile = new File("keys/azurecert.cer");
if (publicKeyFile.exists()) {
CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
InputStream fileStream = new FileInputStream(publicKeyFile);
X509Certificate certificate = (X509Certificate)certificateFactory.generateCertificate(fileStream);
fileStream.close();
azurecert.cer 由我生成,其内容是从 azures (adfs) federationmetadata.xml 复制粘贴的。这是个问题吗?
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<X509Data>
<X509Certificate>
MIIC4jCC....
</X509Certificate>
</X509Data>
</KeyInfo>
我把它写成这样的格式:
—–--BEGIN CERTIFICATE--—–
MIIDBTCCAe2gAwIBAgIQPLxWKJFunNyLetteErs/DAtQPLxWKJFunNyLMMFsdioT
MSswKQYDVQQDEyJhY2NvdW50cy5hFunNyLetteErsndpbmRvd3MubmV0XHhsStcm
....
----END CERTIFICATE----
但结果是:
java.security.cert.CertificateException: Unable to initialize, java.io.IOException: extra data given to DerValue constructor
在线:
certificateFactory.generateCertificate(inputStream2)
有人可以帮忙吗?
【问题讨论】:
标签: java certificate digital-signature saml-2.0 opensaml