jQuery in Action, 3rd edition
The moose likes Security and the fly likes Alternatives for sun.security.* Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » Security
Bookmark "Alternatives for sun.security.*" Watch "Alternatives for sun.security.*" New topic

Alternatives for sun.security.*

Sverre Moe
Ranch Hand

Joined: Jul 10, 2007
Posts: 110
Using Sun/Oracle JDK 1.6 I have access to and are using the following imports from the JDK.
import sun.security.pkcs.PKCS10;
import sun.security.x509.X500Name;
import sun.security.x509.X500Signer;

As of Sun/Oracle JDK 1.7 these are no longer available. What can I use instead of these? Are there any alternatives in either JDK or some other API?

I am using these to generate a Certificate Signing Request (PKCS#10) in Java. I want to do this programmatic and not via a seperate running tool like OpenSSL or Java Keytool.
Tim Moores

Joined: Sep 21, 2011
Posts: 2413
One approach would be to use the BouncyCastle API: http://www.bouncycastle.org/wiki/display/JA1/X.509+Public+Key+Certificate+and+Certification+Request+Generation
Sverre Moe
Ranch Hand

Joined: Jul 10, 2007
Posts: 110
It seems like JDK7 haven't gotten rid of all the classes in sun.security. BouncyCastle is still using some of its classes.
Just the X500Signer class is gone from JDK7.

The following code is working fine to create a Certificate Signing Request:

This I have tried to replace with the following BouncyCastle code:

But it gives the following complaint: java.security.NoSuchProviderException: no such provider: BC
I can specify a provider in PKCS10CertificationRequest, but I am unsure what this is supposed to be.

Edit: I found the solution to this: When passing null for provider it creates a Signature that same way as my first solution without provider.
I agree. Here's the link: http://aspose.com/file-tools
subject: Alternatives for sun.security.*
It's not a secret anymore!