问题
I'm trying to read a X509 certificate
FileInputStream fr = new FileInputStream("suresh.pfx");
CertificateFactory cf = CertificateFactory.getInstance("X509");
X509Certificate c = (X509Certificate) cf.generateCertificate(fr);
And run in to the exception
java.security.cert.CertificateParsingException: signed fields invalid
at sun.security.x509.X509CertImpl.parse(Unknown Source)
at sun.security.x509.X509CertImpl.<init>(Unknown Source)
at sun.security.provider.X509Factory.engineGenerateCertificate(Unknown Source)
at java.security.cert.CertificateFactory.generateCertificate(Unknown Source)
at com.nextenders.certificategeenrator.CertificateGenerator.testGenerateSignCertWithKeyStore(CertificateGenerator.java:102)
at com.nextenders.certificategeenrator.CertificateGenerator.main(CertificateGenerator.java:65)
Found something related to it from Oracle forum with no solution.
Any hints ?
回答1:
PFX isn't a certificate but a keystore in itself.
To get the certificate you have to load the pfx into a keystore and then get the certificate:
InputStream certIs=new FileInputStream("suresh.pfx");
Keystore ks=KeyStore.getInstance("PKCS12");
ks.load(certIs.getInputStream(),"password".toCharArray());
Certificate cert=ks.getCertificate("alias");
Regards
来源:https://stackoverflow.com/questions/21794117/java-security-cert-certificateparsingexception-signed-fields-invalid