Skip to content

Commit bb435c3

Browse files
lor6lor6
authored
Merge pull request eugenp#6016 from yatendragoel/master
BAEL-2307: Added Code to add SAN needed by Chrome to the X509 Certifi…
2 parents 5af6819 + 33ba36d commit bb435c3

File tree

1 file changed

+27
-0
lines changed

1 file changed

+27
-0
lines changed

core-java/src/test/java/com/baeldung/keystore/JavaKeyStoreUnitTest.java

Lines changed: 27 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4,15 +4,24 @@
44
import org.junit.Assert;
55
import org.junit.Before;
66
import org.junit.Test;
7+
78
import sun.security.x509.AlgorithmId;
89
import sun.security.x509.CertificateAlgorithmId;
910
import sun.security.x509.CertificateSerialNumber;
1011
import sun.security.x509.CertificateValidity;
1112
import sun.security.x509.CertificateVersion;
1213
import sun.security.x509.CertificateX509Key;
14+
import sun.security.x509.SubjectAlternativeNameExtension;
1315
import sun.security.x509.X500Name;
1416
import sun.security.x509.X509CertImpl;
1517
import sun.security.x509.X509CertInfo;
18+
import sun.security.x509.CertificateExtensions;
19+
import sun.security.x509.GeneralNames;
20+
import sun.security.x509.GeneralName;
21+
import sun.security.x509.GeneralNameInterface;
22+
import sun.security.x509.DNSName;
23+
import sun.security.x509.IPAddressName;
24+
import sun.security.util.DerOutputStream;
1625

1726
import javax.crypto.KeyGenerator;
1827
import javax.crypto.SecretKey;
@@ -188,6 +197,23 @@ private X509Certificate generateSelfSignedCertificate(KeyPair keyPair) throws Ce
188197
Date validTo = new Date(validFrom.getTime() + 50L * 365L * 24L * 60L * 60L * 1000L); //50 years
189198
CertificateValidity validity = new CertificateValidity(validFrom, validTo);
190199
certInfo.set(X509CertInfo.VALIDITY, validity);
200+
201+
GeneralNameInterface dnsName = new DNSName("baeldung.com");
202+
DerOutputStream dnsNameOutputStream = new DerOutputStream();
203+
dnsName.encode(dnsNameOutputStream);
204+
205+
GeneralNameInterface ipAddress = new IPAddressName("127.0.0.1");
206+
DerOutputStream ipAddressOutputStream = new DerOutputStream();
207+
ipAddress.encode(ipAddressOutputStream);
208+
209+
GeneralNames generalNames = new GeneralNames();
210+
generalNames.add(new GeneralName(dnsName));
211+
generalNames.add(new GeneralName(ipAddress));
212+
213+
CertificateExtensions ext = new CertificateExtensions();
214+
ext.set(SubjectAlternativeNameExtension.NAME, new SubjectAlternativeNameExtension(generalNames));
215+
216+
certInfo.set(X509CertInfo.EXTENSIONS, ext);
191217

192218
// Create certificate and sign it
193219
X509CertImpl cert = new X509CertImpl(certInfo);
@@ -202,4 +228,5 @@ private X509Certificate generateSelfSignedCertificate(KeyPair keyPair) throws Ce
202228

203229
return newCert;
204230
}
231+
205232
}

0 commit comments

Comments
 (0)