生成android的bks证书

生成android的bks证书
pushd %CD%
cd /d %~dp0

REM 1.Create key and certificate:
keytool -genkeypair -v -alias zhaohw7 -dname "cn=kortide.server, ou=Kortide, o=Kortide Cor, c=CHA, l=shanghai" -validity 365 -keypass 1234567 -keystore ..\data\server.keystore -storepass 1234567 -storetype BKS -providername "BC"


REM 2.Check the certifacate:
keytool -list -keystore ..\data\server.keystore -storepass 1234567 -storetype BKS


REM 3.Export it to a file as a certificate(serverCertificate.cer) and give the client to use it:
keytool -export -keystore ..\data\server.keystore -storepass 1234567 -storetype BKS -file ..\data\server.cer -alias zhaohw7


REM (optional)open the certificate(server.cer)
keytool -printcert -file ..\data\server.cer


REM ***.create a Server side policy file:
REM file name: ssl.policy
REM grant {
REM permission java.security.AllPermission;
REM }
REM @echo off 
REM if not exist .\ssl.policy (
REM echo.grant {>ssl.policy
REM echo. permission java.security.AllPermission;>>ssl.policy
REM echo }>>ssl.policy
REM )


REM 4.server VM to do:
REM 1) Import the digital certificate to keystore base, and trust it;
REM 2) Use same keystore base as server side.
REM keytool -import -file ..\data\server.cer -alias alias-1 -storepass 1234567 -storetype BKS


REM 5.Compile and Run SSLNetworkServer
javac -d ..\bin\ ..\src\AndroidSSLServer2.java
java -classpath ..\bin\ -Djava.security.policy=..\data\ssl.policy -Djavax.net.ssl.trustStore=..\data\server.keystore AndroidSSLServer2

popd
pause

评论

1 楼 u_xtian 2011-10-11  

执行第一步的命令时，必须要加参数
-provider=org.bouncycastle.jce.provider.BouncyCastleProvider -providerpath "BouncyCastleProvider/bcprov-jdk16-145.jar" 指定provider 、providerpath
不然会报错：
java.security.NoSuchProviderException: no such provider: BC

顶楼主