Comments (2)
shred
commented on July 18, 2024
Without the -traditional parameter, openssl generates a private key in PKCS#8 format. The PEM file does not contain a public key. Generating a matching public key from that private key is out of scope for KeyPairUtils as a simple utility class. The main purpose of readKeyPair() is to read a PEM file that was written by writeKeyPair().
acme4j client itself only requires a standard java.security.KeyPair object. If you find a way to read a key pair from the PKCS#8 file, you can just use that KeyPair object.
from acme4j.
bomgar
commented on July 18, 2024
Ok thank you.
If anyone reads this and wants to know what I did (only works for RSA keys):
fun readKeyPair(r: Reader): KeyPair {
PEMParser(r).use { parser ->
return when(val o = parser.readObject()) {
is PEMKeyPair -> {
println("Read old style RSA PRIVATE KEY")
JcaPEMKeyConverter().getKeyPair(o)
}
is PrivateKeyInfo -> {
println("Read PRIVATE KEY. Assume it is RSA.")
val privateKey = JcaPEMKeyConverter().getPrivateKey(o) as RSAPrivateCrtKey
val spec = RSAPublicKeySpec(privateKey.modulus, privateKey.publicExponent)
val publicKey = KeyFactory.getInstance("RSA").generatePublic(spec)
return KeyPair(publicKey, privateKey)
}
else -> {
throw IOException("Invalid PEM file")
}
}
}
}
from acme4j.
Related Issues (20)
- Getting urn:ietf:params:acme:error:unauthorized in http-01 challenge HOT 2
- Intermediate certificate required. Unable to get issuer certificate. HOT 6
- RFC8823: acme4j response does not match CA expectation HOT 8
- [Feature request / acme4j-smime] Add support for S/MIME validation HOT 16
- Create order failing with AcmeServerException without any exception message HOT 2
- Getting Unable to get local issuer certificate HOT 3
- Android: order is valid however certificate chain is not correctly downloaded HOT 19
- Allow to set a complete X500Name to CSRBuilder in addition to the single set-methods HOT 5
- [Feature request / acme4j] Allow to access delegations HOT 1
- Remove service loader mechanism HOT 3
- Did you find any provider for RFC8823 support / email-reply-00 challenges? HOT 4
- The challenge status is always "INVALID" HOT 5
- The challenge status was always "INVALID" HOT 13
- http://${domain}/.well-known/acme-challenge/${token}
- acme4j example is creating zero- length crt files HOT 10
- preferred-chain attribute, for alternate chains HOT 2
- Unable to update account message HOT 6
- [Question] How to generate .pfx or .p12 (KeyStore) file? HOT 7
- Recovery from - Too many certificates already issued for exact set of domains HOT 5
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from acme4j.