当我尝试将证书传输到 X.509 时,我收到以下异常
"无法解析证书:java.io.IOException:不支持 编码">
来自CA的2048证书是这样的(证书只是一行没有换行符),这正常吗?
-----开始证书----- MIIERTCCAy2gAwIBAgIFIBkicgAwDQYJKoZIhvcNAQEFBQAwWTELMAkGA1UEBhMCQ04xMDAuBgNVBAoTJ0NoaW5hIEZpbmFuY2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEYMBYGA1UEAxMPQ0ZDQSBURVNUIE9DQTExMB4XDTE3MDQwNjA2NDQ1OVoXDTE5MDQwNjA2NDQ1OVowdzELMAkGA1UEBhMCQ04xFTATBgNVBAoTDENGQ0EgVEVTVCBDQTERMA8GA1UECxMITG9jYWwgUkExGTAXBgNVBAsTEE9yZ2FuaXphdGlvbmFsLTExIzAhBgNVBAMUGjA1MUBDSl9BQUJCQ0BaMDAwMDAwMDU1MUAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgAftvnIcaGITXhuWY1R1IYfrCstmDKJYO9anhFcUrsEe7l1BHcmXeF1Fr7KzTr+XmQx8RkSrECm6Gyfg/jElmh6XHEL3UyExIuSxuCoTs+71JlBPkCDcTdyo4lDI6Ox3JsKU/W8LFKSpae6jAA0uhgwjPCI5uizONLWTdRiXRNRUG7zvGaCgHDipP7gN1Tm+KvlDs8xJGtLdeErlIIDy4Tw2EkK+LD+L9FD8CruzpY52UkTfYfqM3Mwu1EZtfIke0M/dpSkP+46XPJH7CCbXv+f65ST2Uh+PclwPo3O2raZMZ2R3alCEMx0ZKYbA4hekdt/FJygUwN9e1MCu8KqyQIDAQABo4H1MIHyMB8GA1UdIwQYMBaAFPwLvESaDjGhg6mBhyceBULGv1b4MEgGA1UdIARBMD8wPQYIYIEchu8qAQIwMTAvBggrBgEFBQcCARYjaHR0cDovL3d3dy5jZmNhLmNvbS5jbi91cy91cy0xNS5odG0wOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovLzIxMC43NC40Mi4zL09DQTExL1JTQS9jcmwxODExOS5jcmwwCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBTNUgad4XedWMDOeezrG+J+iwFxQDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwDQYJKoZIhvcNAQEFBQADggEBAI906RKm5xPIaJzIeVpXRUIyHtf/9klxqNdjoXbwfplSocUioYZDPOy33w2b9Wfl/HDNKVUksv6n09dx0hdwiJZaNaVbLw0VGPwg5eTEcSEj1iQzkGGlsCt8uNROGilB8Vn0cPfhByroFO9e8bj7GNAxYtg7fvUB9XIXlMqLukIZ5JY6yOLj2y/MvoQp7B/9xdBWxqDqWhZaaEgsRxeezZ3CIGQjevSF/xNe8g2zM/13K38h64FGS3P1iNAcyJUfjoMSAXMSgPWE8uPDtENU+XgthSsNrTPBxkkY5ZuEj7YGHsiHt8mAK37QigC12fL1gF7OG8oCE/a1ZyfTukj0KRI=-----END 证书-----
程序是这样的:
public static X509Certificate getX509Certificate(String base64Cert)
{
X509Certificate cert = null;
if (!isNullOrEmpty(base64Cert))
{
log.error("getX509Certificate(): " + base64Cert);
BufferedInputStream is = new BufferedInputStream(
new ByteArrayInputStream(base64Cert.getBytes()));
CertificateFactory cf;
try
{
cf = CertificateFactory.getInstance("X.509");
cert = (X509Certificate) cf.generateCertificate(is);
} catch (CertificateException e)
{
log.error("cert format error,cert content is [" + base64Cert
+ "]");
}
} else
{
log.error("cert is null");
}
return cert;
}
任何帮助将不胜感激!
PEM 文件格式为
- 可忽略的数据
- 换行符或数据缓冲区的开头
- 5 个连字符
- "开始">
- 一个或多个单词(类型信息)
- 5 个连字符
- 换行符
- Base64 编码的数据(有效负载)
- 换行符
- 5 个连字符
- "完">
- 类型信息的相同值
- 5 个连字符
- 可忽略的数据
换行符是格式的一部分。 没有它,你就不是PEM,而且由于它可能只支持PEM和DER(base64编码数据的二进制表示),而你的值不是这些,它是在一些"不支持的编码"中,碰巧是"类似PEM,但没有换行符">
这是我将 Base64 格式的证书转换为 X509 证书的解决方案
byte[] decodedCertificate =
Base64.decodeBase64(encodedCertificate.getBytes());
CertificateFactory certificateFactory;
Certificate certificate = null;
try {
certificateFactory = CertificateFactory.getInstance("X.509");
certificate = certificateFactory.generateCertificate(new
ByteArrayInputStream(decodedCertificate));
} catch (CertificateException e) {
e.printStackTrace();
}
X509Certificate x509Certificate = (X509Certificate) certificate;
无论如何,这是我的解决方案,将单行证书转移到多行。 但是我仍然不知道起源原因,任何人都可以解释一下,请发布您的答案。
public static String singleLine2MultiLine(String p10) throws Exception{
byte[] base64Data = p10.getBytes();
ByteArrayInputStream bis = new ByteArrayInputStream(base64Data);
ByteArrayOutputStream bos = new ByteArrayOutputStream();
byte tmp;
while ((tmp = (byte) bis.read()) != -1) {
if (tmp != 0x0a && tmp != 0x0d) {
bos.write(tmp);
}
}
byte[] bSingleLine = bos.toByteArray();
ByteArrayOutputStream bos2 = new ByteArrayOutputStream();
for (int i = 0; i < bSingleLine.length; i++) {
if (i != 0 && i % 64 == 0) {
bos2.write("rn".getBytes());
}
bos2.write(bSingleLine[i]);
if (i == bSingleLine.length - 1) {
bos2.write("rn".getBytes());
}
}
return new String(bos2.toByteArray());
}