當前位置: 首頁>>代碼示例>>Java>>正文


Java X509V3CertificateGenerator.setNotAfter方法代碼示例

本文整理匯總了Java中org.bouncycastle.x509.X509V3CertificateGenerator.setNotAfter方法的典型用法代碼示例。如果您正苦於以下問題:Java X509V3CertificateGenerator.setNotAfter方法的具體用法?Java X509V3CertificateGenerator.setNotAfter怎麽用?Java X509V3CertificateGenerator.setNotAfter使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在org.bouncycastle.x509.X509V3CertificateGenerator的用法示例。


在下文中一共展示了X509V3CertificateGenerator.setNotAfter方法的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Java代碼示例。

示例1: selfSignedCertificate

import org.bouncycastle.x509.X509V3CertificateGenerator; //導入方法依賴的package包/類
/**
 * Generates a certificate for {@code hostName} containing {@code keyPair}'s public key, signed by
 * {@code keyPair}'s private key.
 */
@SuppressWarnings("deprecation") // use the old Bouncy Castle APIs to reduce dependencies.
public X509Certificate selfSignedCertificate(KeyPair keyPair, String serialNumber)
    throws GeneralSecurityException {
  X509V3CertificateGenerator generator = new X509V3CertificateGenerator();
  X500Principal issuer = new X500Principal("CN=" + hostName);
  X500Principal subject = new X500Principal("CN=" + hostName);
  generator.setSerialNumber(new BigInteger(serialNumber));
  generator.setIssuerDN(issuer);
  generator.setNotBefore(new Date(notBefore));
  generator.setNotAfter(new Date(notAfter));
  generator.setSubjectDN(subject);
  generator.setPublicKey(keyPair.getPublic());
  generator.setSignatureAlgorithm("SHA256WithRSAEncryption");
  return generator.generateX509Certificate(keyPair.getPrivate(), "BC");
}
 
開發者ID:lizhangqu,項目名稱:PriorityOkHttp,代碼行數:20,代碼來源:SslContextBuilder.java

示例2: makeCertificate

import org.bouncycastle.x509.X509V3CertificateGenerator; //導入方法依賴的package包/類
public static X509Certificate makeCertificate(KeyPair _subKP,
        String _subDN, KeyPair _issKP, String _issDN, String algorithm, boolean _ca)
        throws Exception
{

    PublicKey _subPub = _subKP.getPublic();
    PrivateKey _issPriv = _issKP.getPrivate();
    PublicKey _issPub = _issKP.getPublic();

    X509V3CertificateGenerator _v3CertGen = new X509V3CertificateGenerator();

    _v3CertGen.reset();
    _v3CertGen.setSerialNumber(allocateSerialNumber());
    _v3CertGen.setIssuerDN(new X509Name(_issDN));
    _v3CertGen.setNotBefore(new Date(System.currentTimeMillis()));
    _v3CertGen.setNotAfter(new Date(System.currentTimeMillis()
            + (1000L * 60 * 60 * 24 * 100)));
    _v3CertGen.setSubjectDN(new X509Name(_subDN));
    _v3CertGen.setPublicKey(_subPub);
    _v3CertGen.setSignatureAlgorithm(algorithm);

    _v3CertGen.addExtension(X509Extensions.SubjectKeyIdentifier, false,
            createSubjectKeyId(_subPub));

    _v3CertGen.addExtension(X509Extensions.AuthorityKeyIdentifier, false,
            createAuthorityKeyId(_issPub));

    _v3CertGen.addExtension(X509Extensions.BasicConstraints, false,
            new BasicConstraints(_ca));

    X509Certificate _cert = _v3CertGen.generate(_issPriv);

    _cert.checkValidity(new Date());
    _cert.verify(_issPub);

    return _cert;
}
 
開發者ID:NoYouShutup,項目名稱:CryptMeme,代碼行數:38,代碼來源:OCSPTestUtil.java

示例3: generateSignedCertificate

import org.bouncycastle.x509.X509V3CertificateGenerator; //導入方法依賴的package包/類
private X509Certificate generateSignedCertificate(
        PKCS10CertificationRequest csr) throws NoSuchAlgorithmException,
        NoSuchProviderException, InvalidKeyException,
        CertificateParsingException, CertificateEncodingException,
        SignatureException {

    X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();
    certGen.setSerialNumber(BigInteger.valueOf(System.currentTimeMillis()));
    certGen.setIssuerDN(rootCert.getSubjectX500Principal());
    Calendar c = Calendar.getInstance();
    certGen.setNotBefore(c.getTime());
    c.add(Calendar.YEAR, 1);
    certGen.setNotAfter(c.getTime());
    certGen.setSubjectDN(csr.getCertificationRequestInfo().getSubject());
    certGen.setPublicKey(csr.getPublicKey("BC"));
    certGen.setSignatureAlgorithm(ALGORITHM_SHA256_RSA);
    certGen.addExtension(X509Extensions.AuthorityKeyIdentifier, false,
            new AuthorityKeyIdentifierStructure(rootCert.getPublicKey()));
    certGen.addExtension(X509Extensions.SubjectKeyIdentifier, false,
            new SubjectKeyIdentifierStructure(csr.getPublicKey("BC")));
    certGen.addExtension(X509Extensions.BasicConstraints, true,
            new BasicConstraints(false));
    certGen.addExtension(X509Extensions.KeyUsage, true, new KeyUsage(
            KeyUsage.digitalSignature | KeyUsage.keyEncipherment));

    X509Certificate issuedCert = certGen.generate(rootPrivateKeyEntry
            .getPrivateKey());
    return issuedCert;
}
 
開發者ID:servicecatalog,項目名稱:oscm,代碼行數:30,代碼來源:CertificateHandler.java

示例4: addEntry

import org.bouncycastle.x509.X509V3CertificateGenerator; //導入方法依賴的package包/類
private void addEntry(final String alias) throws GeneralSecurityException {
    final KeyPair pair = KG.generateKeyPair();
    // build a certificate generator
    final X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();
    final X500Principal dnName = new X500Principal("cn=" + alias);

    certGen.setSerialNumber(new BigInteger(256, RND));
    certGen.setSubjectDN(new X509Name("dc=" + alias));
    certGen.setIssuerDN(dnName); // use the same
    certGen.setNotBefore(new Date(System.currentTimeMillis() - 24 * 60 * 60 * 1000));
    certGen.setNotAfter(new Date(System.currentTimeMillis() + 2 * 365 * 24 * 60 * 60 * 1000));
    certGen.setPublicKey(pair.getPublic());
    certGen.setSignatureAlgorithm("SHA256WithRSA");
    final X509Certificate cert = certGen.generate(pair.getPrivate(), "BC");

    ks.setEntry(alias, new KeyStore.PrivateKeyEntry(pair.getPrivate(), new X509Certificate[] { cert }), PP);
}
 
開發者ID:awslabs,項目名稱:aws-encryption-sdk-java,代碼行數:18,代碼來源:KeyStoreProviderTest.java

示例5: addPublicEntry

import org.bouncycastle.x509.X509V3CertificateGenerator; //導入方法依賴的package包/類
private void addPublicEntry(final String alias) throws GeneralSecurityException {
    final KeyPair pair = KG.generateKeyPair();
    // build a certificate generator
    final X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();
    final X500Principal dnName = new X500Principal("cn=" + alias);

    certGen.setSerialNumber(new BigInteger(256, RND));
    certGen.setSubjectDN(new X509Name("dc=" + alias));
    certGen.setIssuerDN(dnName); // use the same
    certGen.setNotBefore(new Date(System.currentTimeMillis() - 24 * 60 * 60 * 1000));
    certGen.setNotAfter(new Date(System.currentTimeMillis() + 2 * 365 * 24 * 60 * 60 * 1000));
    certGen.setPublicKey(pair.getPublic());
    certGen.setSignatureAlgorithm("SHA256WithRSA");
    final X509Certificate cert = certGen.generate(pair.getPrivate(), "BC");

    ks.setEntry(alias, new KeyStore.TrustedCertificateEntry(cert), null);
}
 
開發者ID:awslabs,項目名稱:aws-encryption-sdk-java,代碼行數:18,代碼來源:KeyStoreProviderTest.java

示例6: generateCertificate

import org.bouncycastle.x509.X509V3CertificateGenerator; //導入方法依賴的package包/類
protected Certificate generateCertificate(KeyPair keyPair, String alias) throws GeneralSecurityException {
      
      //test that Bouncy Castle provider is present and add it if it's not
      if( Security.getProvider(org.bouncycastle.jce.provider.BouncyCastleProvider.PROVIDER_NAME) == null) {
    	  Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
      }
      X509V3CertificateGenerator certificateGenerator = new X509V3CertificateGenerator();
//      X509Name nameInfo = new X509Name(false,"CN=" + alias);
      certificateGenerator.setSignatureAlgorithm("MD5WithRSA");
      certificateGenerator.setSerialNumber(new java.math.BigInteger("1"));
      X509Principal nameInfo = new X509Principal("CN=" + alias);
      certificateGenerator.setIssuerDN(nameInfo);
      certificateGenerator.setSubjectDN(nameInfo);  // note: same as issuer for self signed
      certificateGenerator.setNotBefore(new Date());
      Calendar c = Calendar.getInstance();
      c.add(Calendar.DATE, CLIENT_CERT_EXPIRATION_DAYS);
      certificateGenerator.setNotAfter(c.getTime());
      certificateGenerator.setPublicKey(keyPair.getPublic());
      return certificateGenerator.generate(keyPair.getPrivate(), org.bouncycastle.jce.provider.BouncyCastleProvider.PROVIDER_NAME);
    }
 
開發者ID:kuali,項目名稱:kc-rice,代碼行數:21,代碼來源:JavaSecurityManagementServiceImpl.java

示例7: generateSelfSigned

import org.bouncycastle.x509.X509V3CertificateGenerator; //導入方法依賴的package包/類
/**
 * Generates a new key pair (RSA, 2048 bits) and a self-signed certificate for it (SHA1withRSA). The certificate
 * will use a distinguished name of the form {@code CN=name} and will be valid for 1 year.
 */
public static KeyPairAndCertificate generateSelfSigned(String name) throws GeneralSecurityException, IOException {
    KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
    keyPairGenerator.initialize(2048);
    KeyPair keyPair = keyPairGenerator.generateKeyPair();

    Date from = new Date();
    Date to = new Date(from.getTime() + 365L * 24L * 60L * 60L * 1000L);
    BigInteger serialNumber = new BigInteger(64, new SecureRandom());
    X500Principal owner = new X500Principal("CN=" + name);

    X509V3CertificateGenerator certificateGenerator = new X509V3CertificateGenerator();
    certificateGenerator.setIssuerDN(owner);
    certificateGenerator.setSubjectDN(owner);
    certificateGenerator.setNotBefore(from);
    certificateGenerator.setNotAfter(to);
    certificateGenerator.setSerialNumber(serialNumber);
    certificateGenerator.setPublicKey(keyPair.getPublic());
    certificateGenerator.setSignatureAlgorithm("SHA1withRSA");
    X509Certificate certificate = certificateGenerator.generate(keyPair.getPrivate());

    return new KeyPairAndCertificate(keyPair.getPrivate(), keyPair.getPublic(), certificate);
}
 
開發者ID:wildfly-extras,項目名稱:creaper,代碼行數:27,代碼來源:KeyPairAndCertificate.java

示例8: generateSelfSignedCertificate

import org.bouncycastle.x509.X509V3CertificateGenerator; //導入方法依賴的package包/類
public static X509Certificate generateSelfSignedCertificate(
        KeyPair keyPair, String subject, String issuer) throws Exception {
    X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();

    certGen.setPublicKey(keyPair.getPublic());
    certGen.setSerialNumber(generateSerial());
    X500Principal subjectPrincipal = new X500Principal(subject);
    X500Principal issuerPrincipal = new X500Principal(issuer);
    certGen.setSubjectDN(subjectPrincipal);
    certGen.setIssuerDN(issuerPrincipal);
    Calendar cal = Calendar.getInstance();
    certGen.setNotBefore(cal.getTime());
    cal.add(Calendar.YEAR, 10);
    certGen.setNotAfter(cal.getTime());
    certGen.setSignatureAlgorithm("SHA256WithRSA");

    X509Certificate cert = certGen.generate(keyPair.getPrivate());

    return cert;
}
 
開發者ID:nelenkov,項目名稱:generate-cert,代碼行數:21,代碼來源:Main.java

示例9: generateSelfSignedSoftECCert

import org.bouncycastle.x509.X509V3CertificateGenerator; //導入方法依賴的package包/類
/**
 * Create a self signed cert for our software emulation
 * 
 * @param kp
 *            is the keypair for our certificate
 * @return a self signed cert for our software emulation
 * @throws InvalidKeyException
 *             on error
 * @throws SignatureException
 *             on error
 */
private X509Certificate generateSelfSignedSoftECCert(KeyPair kp,
        boolean compress) throws Exception
{
    X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();
    ECPrivateKey privECKey = (ECPrivateKey)kp.getPrivate();
    ECPublicKey pubECKey = (ECPublicKey)kp.getPublic();
    if (!compress)
    {
        ((ECPointEncoder)privECKey).setPointFormat("UNCOMPRESSED");
        ((ECPointEncoder)pubECKey).setPointFormat("UNCOMPRESSED");
    }
    certGen.setSignatureAlgorithm("ECDSAwithSHA1");
    certGen.setSerialNumber(BigInteger.valueOf(1));
    certGen.setIssuerDN(new X509Principal("CN=Software emul (EC Cert)"));
    certGen.setNotBefore(new Date(System.currentTimeMillis() - 50000));
    certGen.setNotAfter(new Date(System.currentTimeMillis() + 50000000));
    certGen.setSubjectDN(new X509Principal("CN=Software emul (EC Cert)"));
    certGen.setPublicKey((PublicKey)pubECKey);

    return certGen.generate((PrivateKey)privECKey);
}
 
開發者ID:NoYouShutup,項目名稱:CryptMeme,代碼行數:33,代碼來源:ECEncodingTest.java

示例10: generateIntermediateCert

import org.bouncycastle.x509.X509V3CertificateGenerator; //導入方法依賴的package包/類
public static X509Certificate generateIntermediateCert(PublicKey intKey, PrivateKey caKey, X509Certificate caCert)
    throws Exception
{
    X509V3CertificateGenerator  certGen = new X509V3CertificateGenerator();

    certGen.setSerialNumber(BigInteger.valueOf(1));
    certGen.setIssuerDN(PrincipalUtil.getSubjectX509Principal(caCert));
    certGen.setNotBefore(new Date(System.currentTimeMillis() - 50000));
    certGen.setNotAfter(new Date(System.currentTimeMillis() + 50000));
    certGen.setSubjectDN(new X509Principal("CN=Test Intermediate Certificate"));
    certGen.setPublicKey(intKey);
    certGen.setSignatureAlgorithm("SHA256WithRSAEncryption");

    certGen.addExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(caCert));
    certGen.addExtension(X509Extensions.SubjectKeyIdentifier, false, new SubjectKeyIdentifierStructure(intKey));
    certGen.addExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(0));
    certGen.addExtension(X509Extensions.KeyUsage, true, new KeyUsage(KeyUsage.digitalSignature | KeyUsage.keyCertSign | KeyUsage.cRLSign));

    return certGen.generate(caKey, "BC");
}
 
開發者ID:NoYouShutup,項目名稱:CryptMeme,代碼行數:21,代碼來源:TestUtils.java

示例11: generateEndEntityCert

import org.bouncycastle.x509.X509V3CertificateGenerator; //導入方法依賴的package包/類
public static X509Certificate generateEndEntityCert(PublicKey entityKey, PrivateKey caKey, X509Certificate caCert)
    throws Exception
{
    X509V3CertificateGenerator  certGen = new X509V3CertificateGenerator();

    certGen.setSerialNumber(BigInteger.valueOf(1));
    certGen.setIssuerDN(PrincipalUtil.getSubjectX509Principal(caCert));
    certGen.setNotBefore(new Date(System.currentTimeMillis() - 50000));
    certGen.setNotAfter(new Date(System.currentTimeMillis() + 50000));
    certGen.setSubjectDN(new X509Principal("CN=Test End Certificate"));
    certGen.setPublicKey(entityKey);
    certGen.setSignatureAlgorithm("SHA256WithRSAEncryption");
    
    certGen.addExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(caCert));
    certGen.addExtension(X509Extensions.SubjectKeyIdentifier, false, new SubjectKeyIdentifierStructure(entityKey));
    certGen.addExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(false));
    certGen.addExtension(X509Extensions.KeyUsage, true, new KeyUsage(KeyUsage.digitalSignature | KeyUsage.keyEncipherment));

    return certGen.generate(caKey, "BC");
}
 
開發者ID:NoYouShutup,項目名稱:CryptMeme,代碼行數:21,代碼來源:TestUtils.java

示例12: generateV3Certificate

import org.bouncycastle.x509.X509V3CertificateGenerator; //導入方法依賴的package包/類
public Certificate generateV3Certificate(Date startDate, Date expirationDate, String dnName) throws CertificateEncodingException, InvalidKeyException, IllegalStateException, NoSuchProviderException, NoSuchAlgorithmException, SignatureException {
    // Create certificate
    BigInteger serialNumber = new BigInteger(1024, new Random()); // serial number for certificate

    X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();
    X500Principal principal = new X500Principal(dnName);

    certGen.setSerialNumber(serialNumber);
    certGen.setIssuerDN(principal);
    certGen.setNotBefore(startDate);
    certGen.setNotAfter(expirationDate);
    certGen.setSubjectDN(principal); // note: same as issuer
    certGen.setPublicKey(keyPair.getPublic());
    certGen.setSignatureAlgorithm(signatureAlgorithm.getAlgorithm());

    X509Certificate x509Certificate = certGen.generate(keyPair.getPrivate(), "BC");
    return new Certificate(signatureAlgorithm, x509Certificate);
}
 
開發者ID:GluuFederation,項目名稱:oxAuth,代碼行數:19,代碼來源:ECDSAKeyFactory.java

示例13: sign

import org.bouncycastle.x509.X509V3CertificateGenerator; //導入方法依賴的package包/類
public static X509Certificate sign(String CN, PublicKey publicKey, Date expiryDate, long serialNumber, X509Certificate caCert, PrivateKey privateKey) throws CertificateParsingException, CertificateEncodingException, InvalidKeyException, IllegalStateException, NoSuchProviderException, NoSuchAlgorithmException, SignatureException {
//    Date expiryDate = ...;               // time after which certificate is not valid
//    BigInteger serialNumber = ...;       // serial number for certificate
//    PrivateKey caKey = ...;              // private key of the certifying authority (ca) certificate
//    X509Certificate caCert = ...;        // public key certificate of the certifying authority
//    KeyPair keyPair = ...;               // public/private key pair that we are creating certificate for

    X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();
    X500Principal subjectName = new X500Principal("CN="+CN);

    certGen.setSerialNumber(BigInteger.valueOf(serialNumber));
    certGen.setIssuerDN(caCert.getSubjectX500Principal());
    certGen.setNotBefore(new Date());
    certGen.setNotAfter(expiryDate);
    certGen.setSubjectDN(subjectName);
    certGen.setPublicKey(publicKey);
    certGen.setSignatureAlgorithm(DEFAULT_SIGNATURE_ALGORITHM);

    certGen.addExtension(X509Extensions.AuthorityKeyIdentifier, false,
                            new AuthorityKeyIdentifierStructure(caCert));
    certGen.addExtension(X509Extensions.SubjectKeyIdentifier, false,
                            new SubjectKeyIdentifierStructure(publicKey));

    X509Certificate cert = certGen.generate(privateKey, "BC");   // note: private key of CA
    return cert;        
  }
 
開發者ID:barnyard,項目名稱:pi,代碼行數:27,代碼來源:CAToolImpl.java

示例14: generateV3Cert

import org.bouncycastle.x509.X509V3CertificateGenerator; //導入方法依賴的package包/類
public static X509Certificate generateV3Cert(KeyPair pair) {

		X509Certificate cert = null;
		try {
			X509V3CertificateGenerator gen = new X509V3CertificateGenerator();
			gen.setPublicKey(pair.getPublic());
			gen.setSerialNumber(new BigInteger(Long.toString(System
					.currentTimeMillis() / 1000)));
			Hashtable<ASN1ObjectIdentifier, String> attrs = new Hashtable<ASN1ObjectIdentifier, String>();
			Vector<ASN1ObjectIdentifier> vOrder = new Vector<ASN1ObjectIdentifier>();
			attrs.put(X509Principal.E, "[email protected]");
			vOrder.add(0, X509Principal.E);
			attrs.put(X509Principal.CN, "eBay, Inc");
			vOrder.add(0, X509Principal.CN);
			attrs.put(X509Principal.OU, "TNS");
			vOrder.add(0, X509Principal.OU);
			attrs.put(X509Principal.O, "eBay, Inc.");
			vOrder.add(0, X509Principal.O);
			attrs.put(X509Principal.L, "San Jose");
			vOrder.add(0, X509Principal.L);
			attrs.put(X509Principal.ST, "CA");
			vOrder.add(0, X509Principal.ST);
			attrs.put(X509Principal.C, "US");
			vOrder.add(0, X509Principal.C);
			gen.setIssuerDN(new X509Principal(vOrder, attrs));
			gen.setSubjectDN(new X509Principal(vOrder, attrs));
			gen.setNotBefore(new Date(System.currentTimeMillis()));
			gen.setNotAfter(new Date(System.currentTimeMillis()
					+ VALIDITY_PERIOD));
			gen.setSignatureAlgorithm("SHA1WithECDSA");
			cert = gen.generate(pair.getPrivate(), "BC");

		} catch (Exception e) {
			System.out.println("Unable to generate a X509Certificate." + e);
		}
		return cert;
	}
 
開發者ID:zsavvas,項目名稱:ReCRED_FIDO_UAF_OIDC,代碼行數:38,代碼來源:X509.java

示例15: generateClientCertificate

import org.bouncycastle.x509.X509V3CertificateGenerator; //導入方法依賴的package包/類
public X509Certificate generateClientCertificate(final PrivateKey rootCAPrivateKey, final X509Certificate rootCACert,
                                                 final KeyPair keyPair, final String publicIPAddress, final boolean isMasterNode) throws IOException, CertificateParsingException, InvalidKeyException, NoSuchAlgorithmException, CertificateEncodingException, NoSuchProviderException, SignatureException, InvalidKeySpecException {
    final DateTime now = DateTime.now(DateTimeZone.UTC);
    final X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();;
    certGen.setSerialNumber(BigInteger.valueOf(System.currentTimeMillis()));
    certGen.setIssuerDN(new X500Principal(CCS_ROOTCA_CN));
    certGen.setSubjectDN(new X500Principal(CCS_CLUSTER_CN));
    certGen.setNotBefore(now.minusDays(1).toDate());
    certGen.setNotAfter(now.plusYears(10).toDate());
    certGen.setPublicKey(keyPair.getPublic());
    certGen.setSignatureAlgorithm("SHA256WithRSAEncryption");
    certGen.addExtension(X509Extensions.AuthorityKeyIdentifier, false,
            new AuthorityKeyIdentifierStructure(rootCACert));
    certGen.addExtension(X509Extensions.SubjectKeyIdentifier, false,
            new SubjectKeyIdentifierStructure(keyPair.getPublic()));

    if (isMasterNode) {
        final List<ASN1Encodable> subjectAlternativeNames = new ArrayList<ASN1Encodable>();
        subjectAlternativeNames.add(new GeneralName(GeneralName.iPAddress, publicIPAddress));
        subjectAlternativeNames.add(new GeneralName(GeneralName.iPAddress, "10.0.0.1"));
        subjectAlternativeNames.add(new GeneralName(GeneralName.iPAddress, "10.1.1.1"));
        subjectAlternativeNames.add(new GeneralName(GeneralName.dNSName, "kubernetes"));
        subjectAlternativeNames.add(new GeneralName(GeneralName.dNSName, "kubernetes.default"));
        subjectAlternativeNames.add(new GeneralName(GeneralName.dNSName, "kubernetes.default.svc"));
        subjectAlternativeNames.add(new GeneralName(GeneralName.dNSName, "kubernetes.default.svc.cluster.local"));

        final DERSequence subjectAlternativeNamesExtension = new DERSequence(
                subjectAlternativeNames.toArray(new ASN1Encodable[subjectAlternativeNames.size()]));
        certGen.addExtension(X509Extensions.SubjectAlternativeName, false,
                subjectAlternativeNamesExtension);
    }

    return certGen.generate(rootCAPrivateKey, "BC");
}
 
開發者ID:shapeblue,項目名稱:ccs,代碼行數:35,代碼來源:ContainerClusterManagerImpl.java


注:本文中的org.bouncycastle.x509.X509V3CertificateGenerator.setNotAfter方法示例由純淨天空整理自Github/MSDocs等開源代碼及文檔管理平台,相關代碼片段篩選自各路編程大神貢獻的開源項目,源碼版權歸原作者所有,傳播和使用請參考對應項目的License;未經允許,請勿轉載。