如何使用Java从存在的KeyStore中生成CSR

如何使用Java代码从KEYSTORE生成CSR？

功能影响与（但不使文件染色）

一样

KEYTOOL -CERTREQ -ALIAS证书_ALIAS -KEYSTORE JSSECACERTS -STOREPASS CHANGEIT -FILE CLINE.CSR.CSR

我刚刚发现"使用Java API生成证书签名请求"

但是我已经有X.509证书，我如何使用此证书在Java中生成CSR？

KeyStore ts = KeyStore.getInstance("JKS");
FileInputStream is = new FileInputStream(trustStoreFileName);
ts.load(is, trustStorePassword.toCharArray());
is.close();
X509Certificate x509Cert = (X509Certificate)ts.getCertificate("certificate_alias");

如何使用上述信息生成CSR？

我只是解决了〜

分享我的所有代码以生成现有证书的CSR。

KeyStore ks = KeyStore.getInstance("JKS");
FileInputStream is = new FileInputStream(trustStoreFileName);
ks.load(is, trustStorePassword.toCharArray());
is.close();
X509Certificate x509Cert = (X509Certificate)ks.getCertificate("certificate_alias");
X500Principal principal = x509Cert.getSubjectX500Principal();
X500Name x500Name = new X500Name( principal.getName() );
PublicKey publicKey = x509Cert.getPublicKey();
PrivateKey privateKey = (PrivateKey) ks.getKey("certificate_alias", trustStorePassword.toCharArray());
String sigAlg = x509Cert.getSigAlgName();
PKCS10 pkcs10 = new PKCS10(publicKey);
Signature signature = Signature.getInstance(sigAlg);
signature.initSign(privateKey);
pkcs10.encodeAndSign(new X500Signer(signature, x500Name));
ByteArrayOutputStream bs = new ByteArrayOutputStream();
PrintStream ps = new PrintStream(bs);
pkcs10.print(ps);
byte[] c = bs.toByteArray();
try {
    if (ps != null)
        ps.close();
    if (bs != null)
        bs.close();
} catch (Throwable th) {
}

PrivateKey privateKey = ts.getPrivateKey("certificate_alias");