Is it possible to generate CSR with without sun packages or external library?

Is it possible to generate a certificate signing request using Java code without using sun. * or com.sun. * and without using an external library? If I need to use a library like BouncyCastle I will look into it, but all my searches so far only show examples that use sun or BouncyCastle packages, and I'd rather stick with the raw API if possible.

And what's the best approach to this if what I'm trying to do is not possible?


source to share

2 answers

I do not think that's possible. By accepting this until someone has a better answer, or it becomes possible.

FWIW, I ended up using a call wrapper keytool

to do this.



Sorry for the very late answer, but figured I'd try anyway. Bouncy Castle or Java libraries make your life much easier for this task. But if you cannot use these libraries for your project, then my answer to you is still yes, but you will need to carefully read the ASN1 encoding. I see no reason why you can't take an existing CSR to study. This site ( ) helped a lot to understand ASN1 when I had to do this sort of thing. After you see how the CSR is debugged with the ASN1 tool I talked about earlier, it becomes clear how to reuse the CSR example for your use. At a high level you would

  • read in the example file
  • parsing on TLV encoding (length type)
  • replace the field with the desired data
  • digital sign
  • embed signature
  • write content to file

The object should help you with the signature part.



All Articles