java X509扩展
如何使用bouncycastle API在java中为x509证书设置扩展
我设法做到了这样的“基本约束”:
...
X509V3CertificateGenerator gen = new X509V3CertificateGenerator();
...
boolean crit;
boolean isCa;
gen.addExtension(X509Extensions.BasicConstraints, crit, new BasicConstraints(isCa));
但是,我不知道如何对IssueralAlternativeName或KeyUsage执行相同的操作
# 1 楼答案
试试这个