B4J Question [Closed] Using X.509 digital certificate

aeric

aeric

Expert
Licensed User
Longtime User
Hi guys,

I have been studying about how to use digital certificate in B4J for 1 week and still unclear what I was doing is correct.
I have read a lot of articles but none giving me a clear picture.
Before I purchase an expensive digital certificate which valid for 1 year or getting a trial certificate valid for 1 month, I want to know:
  1. how to retrieve any information from the certificate?
  2. what information I need to retrieve or could I retrieve?
    I think I need serial number, issuer, subject, cert in base64, cert digest and validity from the certificate
  3. can I use JavaObject only without calling/exporting the certificate with keytool or openssl?
  4. if #3 above is no, meaning I must export them from DER format to .cer, .crt or .pem file?
  5. is there any method to read the properties of a certificate using JavaObject?
    If no then meaning I need to "trim" the unwanted text from the plain .pem file?
  6. can I use keytool and/or openssl to create a selfsigned certificate that valid for signing a document?
    I notice that the output certificate doesn't contain information such as Organization identifier and Email as required.
  7. I need to create a PKCS#12 (.p12 or .pfx file) is it a keystore or is it also a digital certificate?
    I think it is a certificate which embeded with a keystore inside it, am i right?
  8. does this certificate store public and private keys?
  9. if #7 above is yes, how do I retrieve them?
  10. what is digital signature algorithm XAdES (XML Advanced Electronic Signature)?
    Isn't it just suppose to be hashing by a "normal" algorithm such as SHA256?
Thanks to anyone who can help me to understand better.
 
Last edited:
Sort by date Sort by votes
aeric

aeric

Expert
Licensed User
Longtime User
aeric said:
  1. how to retrieve any information from the certificate?
  2. what information I need to retrieve or could I retrieve?
    I think I need serial number, issuer, subject, cert in base64, cert digest and validity from the certificate
Click to expand...
I found a solution using Java JDK 11/14. I was using java 17/19 that doesn't work.
 
Upvote 0
aeric

aeric

Expert
Licensed User
Longtime User
Upvote 0
aeric

aeric

Expert
Licensed User
Longtime User
I have written a code snippet: Create and Read PKCS12 Keystore and have better understanding now.
If I am wrong, please point to me. Thanks.
  1. how to retrieve any information from the certificate?
    answer: code snippet

  2. what information I need to retrieve or could I retrieve?
    I think I need serial number, issuer, subject, cert in base64, cert digest and validity from the certificate
    answer: code snippet

  3. can I use JavaObject only without calling/exporting the certificate with keytool or openssl?
    answer: yes, except for creating the keystore file, I need to use keytool

  4. if #3 above is no, meaning I must export them from DER format to .cer, .crt or .pem file?
    answer: no

  5. is there any method to read the properties of a certificate using JavaObject?
    If no then meaning I need to "trim" the unwanted text from the plain .pem file?
    answer: yes, there are many methods that can be used as listed in the link in first post of the code snippet

  6. can I use keytool and/or openssl to create a selfsigned certificate that valid for signing a document?
    I notice that the output certificate doesn't contain information such as Organization identifier and Email as required.
    answer: yes, but the additional information mentioned above are not available. I think still need to refer to local CA.

  7. I need to create a PKCS#12 (.p12 or .pfx file) is it a keystore or is it also a digital certificate?
    I think it is a certificate which embeded with a keystore inside it, am i right?
    answer: It seems this keystore file contains a combination of keypair and certificate.

  8. does this certificate store public and private keys?
    answer: yes

  9. if #7 above is yes, how do I retrieve them?
    answer: it can be retrieved using JavaObject calling methods getPublicKey and getKey

  10. what is digital signature algorithm XAdES (XML Advanced Electronic Signature)?
    Isn't it just suppose to be hashing by a "normal" algorithm such as SHA256?
    answer: https://www.w3.org/TR/XAdES/#Introduction-Definitions_of_Terms
    1727087539527.png
 
Upvote 0
You must log in or register to reply here.

Similar Threads

aeric
  • Question
B4J Question [Closed] cannot access class sun.security.x509.X509CertImpl because module java.base does not export sun.security.x509 to unnamed module
Replies
7
Views
676
aeric
aeric
aeric
  • Article
B4J Code Snippet Create and Read PKCS12 Keystore
Replies
2
Views
311
aeric
aeric
Ralph Parkhurst
  • Question
B4J Question [SOLVED] Using a client certificate with MQTT as a standalone executable
Replies
1
Views
2K
Ralph Parkhurst
Ralph Parkhurst
klaus
  • Article
B4J Library [B4X] [XUI] xChart Class and b4xlib
32 33 34
Replies
669
Views
129K
klaus
klaus
billyrudi
  • Question
B4J Question URGENT HELP !! ssl certificate
Replies
2
Views
1K
billyrudi
billyrudi
Top