这是我的代码生成证书。
KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
gen.initialize(2048);
pair = gen.generateKeyPair();
privateKey = pair.getPrivate();
publicKey = pair.getPublic();
SubjectPublicKeyInfo publicKeyInfo = SubjectPublicKeyInfo.getInstance(publicKey.getEncoded());
X509v3CertificateBuilder builder = new X509v3CertificateBuilder(subjectDN, new BigInteger(serialNumber + ""),
startDate, endDate, subjectDN,
publicKeyInfo);
ContentSigner signer = new JcaContentSignerBuilder("SHA256withRSA").setProvider("BC").build(privateKey);
cert = new JcaX509CertificateConverter().getCertificate(builder.build(signer));
当我上传并尝试通过setWebhook API方法设置Webhook时,它会失败。
{"ok":false,"error_code":400,"description":"Bad webhook: Failed to set custom cert file"}
有人可以告诉我我想念什么吗?
编辑。这是我的PEM格式的公共密钥:
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqA2BQC0cOGVns9USxRwk
2PQHtk3lfDqEdhmQjiW6U0RA102IbLx2ALizkegO9TwjFszynjRuq6KlQT4ctvEy
XyKpb9tMF5tRg2haDDEfyCfpKxuwQfjzYLLp+RqxLMsAngMaE3UwM6lyo9jYUHxD
sfQgUWkg6vCJ9b52/IAFYsuq14//J1ZrHRlYBnGImOroMWwLBmMZVmTxeB/QyTDc
gbj/uBbOKTckk7jchAxtO/PRVZ5nW2PWxAeE0FAtwhHHXTfwINqkcEmk21/jlpvT
GTHkkoxEl+BptvIKqrgSdvoTbHSVpn9U6ZJTV8ZVC46xcjiD/eFxr+dl3oZAjG6N
5wIDAQAB
-----END PUBLIC KEY-----
我使用多部件将此发送到服务器。
我也有同样的问题。公共密钥足以用于电报。确保将证书附加为二进制并提供文件名。
final byte[] pemFileAsBytes = pemFileAsString.getBytes(StandardCharsets.UTF_8);
final HttpEntity httpEntity = MultipartEntityBuilder.create()
.addTextBody("url", webhookUrl)
.addBinaryBody("certificate", pemFileAsBytes, ContentType.APPLICATION_OCTET_STREAM, "telegram.pem")
.build();
webhook的API说:
... PEM文件应仅包含公共密钥(包括开始和结束部分)
但是,他们提供的所有(!)教程生成了证书,而不是空白的公共密钥。
尝试将您的整个证书解析为PEM并将其馈送到Webhook:
PrintWriter writer = new PrintWriter("cert.pem", "UTF-8");
JcaMiscPEMGenerator pemGen = new JcaMiscPEMGenerator(cert);
JcaPEMWriter pemWriter = new JcaPEMWriter(writer);
pemWriter.writeObject(pemGen);
pemWriter.close();