在windows環境下進行的測試,前提條件,windows上需要先安裝openssl。
配置環境變量,查看版本:
import java.io.*; import java.util.Properties; public class OpensslCommand { private static void runCMD(String[] CMD) { java.lang.Process process = null; try { process = Runtime.getRuntime().exec(CMD); ByteArrayOutputStream resultOutStream = new ByteArrayOutputStream(); InputStream errorInStream = new BufferedInputStream(process.getErrorStream()); InputStream processInStream = new BufferedInputStream(process.getInputStream()); int num = 0; byte[] bs = new byte[1024]; while ((num = errorInStream.read(bs)) != -1) { resultOutStream.write(bs, 0, num); } while ((num = processInStream.read(bs)) != -1) { resultOutStream.write(bs, 0, num); } String result = new String(resultOutStream.toByteArray(), "gbk"); System.out.println(result); errorInStream.close(); processInStream.close(); resultOutStream.close(); } catch (IOException e) { e.printStackTrace(); } finally { if (process != null) process.destroy(); } } public static void main(String[] args) throws Exception { //需要指定openssl.exe路徑 //java生成私鑰 String[] cmdPrivateKey = {"cmd", "/C", "C:\\soft\\OpenSSL-Win64\\bin\\openssl.exe genrsa -out ca.key 2048"}; //java生成證書請求 String[] cmdCertificationReq = {"cmd", "/C", "C:\\soft\\OpenSSL-Win64\\bin\\openssl.exe req -new -key ca.key -out ca.csr -subj /C=CN"}; //java生成證書 String[] cmdCertification = {"cmd", "/C", "C:\\soft\\OpenSSL-Win64\\bin\\openssl.exe x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt"}; runCMD(cmdPrivateKey); runCMD(cmdCertificationReq); runCMD(cmdCertification); Properties props=System.getProperties(); //系統屬性 System.out.println("用戶的當前工作目錄:"+props.getProperty("user.dir")); } }
對應目錄下可以生成:
其中,ca.crt是自簽名證書文件。ca.key是私鑰。ca.csr只是生成證書的中間請求,是用來指定一些信息,這邊只指定國家為CN。