java.security.cert.CertificateParsingException:签名字段无效 - java

我正在尝试阅读X509 certificate

FileInputStream fr = new FileInputStream("suresh.pfx");
CertificateFactory cf =   CertificateFactory.getInstance("X509");
X509Certificate c = (X509Certificate) cf.generateCertificate(fr); 

并运行到异常

java.security.cert.CertificateParsingException: signed fields invalid
    at sun.security.x509.X509CertImpl.parse(Unknown Source)
    at sun.security.x509.X509CertImpl.<init>(Unknown Source)
    at sun.security.provider.X509Factory.engineGenerateCertificate(Unknown Source)
    at java.security.cert.CertificateFactory.generateCertificate(Unknown Source)
    at com.nextenders.certificategeenrator.CertificateGenerator.testGenerateSignCertWithKeyStore(CertificateGenerator.java:102)
    at com.nextenders.certificategeenrator.CertificateGenerator.main(CertificateGenerator.java:65)

无法解决,从Oracle forum找到了与此相关的内容。

有什么提示吗?

参考方案

PFX本身不是证书,而是密钥库。

要获取证书,您必须将pfx加载到密钥库中,然后获取证书:

InputStream certIs=new FileInputStream("suresh.pfx");
Keystore ks=KeyStore.getInstance("PKCS12");
ks.load(certIs.getInputStream(),"password".toCharArray());
Certificate cert=ks.getCertificate("alias");

问候

45码