github
/
acme4j
mirror of https://github.com/shred/acme4j
1
0
Fork 0
Code Issues Releases Wiki Activity

ECC documentation

pull/17/merge
Richard Körber 2016-01-31 14:33:22 +01:00
parent 6735d3b3f7
commit 2c4e8bb6d4
2 changed files with 33 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/site/markdown/usage/certificate.md
View File

@ -6,7 +6,7 @@ Once you completed all the previous steps, it's time to request the signed certi
To do so, prepare a PKCS#10 CSR file. A single domain may be set as _Common Name_. Multiple domains must be provided as _Subject Alternative Name_. Other properties (_Organization_, _Organization Unit_ etc.) depend on the CA. Some may require these properties to be set, while others may ignore them when generating the certificate. To do so, prepare a PKCS#10 CSR file. A single domain may be set as _Common Name_. Multiple domains must be provided as _Subject Alternative Name_. Other properties (_Organization_, _Organization Unit_ etc.) depend on the CA. Some may require these properties to be set, while others may ignore them when generating the certificate.
CSR files can be generated with command line tools like `openssl`. Unfortunately the standard Java does not offer classes for that, so you'd have to resort to [Bouncy Castle](http://www.bouncycastle.org/java.html) if you want to create a CSR programmatically. In the `acme4j-utils` module, there is also a [`CSRBuilder`](../apidocs/org/shredzone/acme4j/util/CSRBuilder.html) for your convenience: CSR files can be generated with command line tools like `openssl`. Unfortunately the standard Java does not offer classes for that, so you'd have to resort to [Bouncy Castle](http://www.bouncycastle.org/java.html) if you want to create a CSR programmatically. In the `acme4j-utils` module, there is also a [`CSRBuilder`](../apidocs/org/shredzone/acme4j/util/CSRBuilder.html) for your convenience. You can also use [`KeyPairUtils`](../apidocs/org/shredzone/acme4j/util/KeyPairUtils.html) for generating the domain key pair.
```java ```java
KeyPair domainKeyPair = ... // KeyPair to be used for HTTPS encryption KeyPair domainKeyPair = ... // KeyPair to be used for HTTPS encryption

32
src/site/markdown/usage/register.md
View File

@ -60,3 +60,35 @@ client.changeRegistrationKey(reg, newKeyPair);
``` ```
All subsequent calls must now use the new key pair. The old key pair can be disposed. All subsequent calls must now use the new key pair. The old key pair can be disposed.
## Key Pair Utilities
The `KeyPairUtils` class in the `acme4j-utils` module provides a few methods to make key pair handling more convenient.
This call will generate a RSA key pair with a 2048 bit key:
```java
KeyPair keyPair = KeyPairUtils.createKeyPair(2048);
```
You can also create an elliptic curve key pair:
```java
KeyPair keyPair = KeyPairUtils.createECKeyPair("secp256r1");
```
To save a `KeyPair` (actually, the private key of the key pair) to a pem file, use this snippet:
```java
try (FileWriter fw = new FileWriter("keypair.pem")) {
KeyPairUtils.writeKeyPair(keyPair, fw);
}
```
The following snippet reads the private key from a pem file, and returns a `KeyPair`.
```java
try (FileReader fr = New FileReader("keypair.pem")) {
return KeyPairUtils.readKeyPair(fr);
}
```