问题
I'm generating a SSL KeyPair in an Android app using the KeyStore API. I want to create a Certificate Signing Request (CSR) from the Public/Private key pair so that it can be sent to an external CA for signing.
Is this possible? I'd like to use the builtin Android libraries rather than BouncyCastle if possible, in order have Android store the keys securely.
回答1:
Certificate enrollment process
Check this link. It generate key pair and CSR. Regarding generating a CSR (certificate sign request) on the android phone, I think it is rather straightforward to use Spongycastle instead. It is an android port of Bouncycastle.
回答2:
Since Android apps are built with Java, you can use the Java keytool tool to generate a CSR: Request a Signed Certificate from a CA.
来源:https://stackoverflow.com/questions/36361218/create-certificate-signing-request-inside-an-android-app