Python中文网

一个关于 编程问题的解答网站.

有 Java 编程相关的问题?

你可以在下面搜索框中键入要查询的问题!

java I在使用Telegram Bot API webhook支持以及通过bouncycastle生成的自签名证书时遇到问题

1 周,5 日 Questions & Answers

这是我生成证书的代码

KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
gen.initialize(2048);
pair = gen.generateKeyPair();
privateKey = pair.getPrivate();
publicKey = pair.getPublic();
SubjectPublicKeyInfo publicKeyInfo = SubjectPublicKeyInfo.getInstance(publicKey.getEncoded());
X509v3CertificateBuilder builder = new X509v3CertificateBuilder(subjectDN, new BigInteger(serialNumber + ""),
                                                                        startDate, endDate, subjectDN,
                                                                        publicKeyInfo);
ContentSigner signer = new JcaContentSignerBuilder("SHA256withRSA").setProvider("BC").build(privateKey);
cert = new JcaX509CertificateConverter().getCertificate(builder.build(signer));

当我上传它并尝试通过setWebhookAPI方法设置webhook时,它失败了

{"ok":false,"error_code":400,"description":"Bad webhook: Failed to set custom cert file"}

有人能告诉我我错过了什么吗?
编辑。这是我的PEM格式公钥:

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqA2BQC0cOGVns9USxRwk
2PQHtk3lfDqEdhmQjiW6U0RA102IbLx2ALizkegO9TwjFszynjRuq6KlQT4ctvEy
XyKpb9tMF5tRg2haDDEfyCfpKxuwQfjzYLLp+RqxLMsAngMaE3UwM6lyo9jYUHxD
sfQgUWkg6vCJ9b52/IAFYsuq14//J1ZrHRlYBnGImOroMWwLBmMZVmTxeB/QyTDc
gbj/uBbOKTckk7jchAxtO/PRVZ5nW2PWxAeE0FAtwhHHXTfwINqkcEmk21/jlpvT
GTHkkoxEl+BptvIKqrgSdvoTbHSVpn9U6ZJTV8ZVC46xcjiD/eFxr+dl3oZAjG6N
5wIDAQAB
-----END PUBLIC KEY-----

我使用multi-part将其发送到服务器


共 (2) 个答案

  1. # 1 楼答案

    用于webhook的API说明:

    ... the pem file should only contain the public key (including BEGIN and END portions)

    但是,所有(!)他们提供的教程生成证书,而不是空公钥

    尝试将整个证书解析为PEM并将其提供给webhook:

        PrintWriter writer = new PrintWriter("cert.pem", "UTF-8");
    JcaMiscPEMGenerator pemGen = new JcaMiscPEMGenerator(cert);

    JcaPEMWriter pemWriter = new JcaPEMWriter(writer);
    pemWriter.writeObject(pemGen);
    pemWriter.close();
  2. # 2 楼答案

    我也有同样的问题。公开密钥就足以发送电报了。确保将证书作为二进制文件附加,并提供文件名

    final byte[] pemFileAsBytes = pemFileAsString.getBytes(StandardCharsets.UTF_8);
final HttpEntity httpEntity = MultipartEntityBuilder.create()
    .addTextBody("url", webhookUrl)
    .addBinaryBody("certificate", pemFileAsBytes, ContentType.APPLICATION_OCTET_STREAM, "telegram.pem")
    .build();