I am trying to create a self-signed certificate to use for encrypting an email using bouncycaste.
What would be the best way to generate a certificate?
I have tried using openssl but I have had problems with certificate.
Here is the code I am using to encrypt, I am using 3des.
SMIMEEnvelopedGenerator gen = new SMIMEEnvelopedGenerator();
gen.addKeyTransRecipient(x509Cert); // adds an X509Certificate
MimeBodyPart encData =
gen.generate(mimeBodyPart, SMIMEEnvelopedGenerator.DES_EDE3_CBC, "BC");
EDIT: Sorry for being vauge but the error message I am getting doesn't seem to be very useful.
The message is as follows:
org.openas2.WrappedException: org.bouncycastle.mail.smime.SMIMEException:
key invalid in message.
This is thrown when I call the SMIMEEnvelopedGenerator.generate method.
I am currently attaching the source code in Eclipse to see if I can get a more useful error message by stepping through the code.
You should be okay with openssl; this is the command I would use to generate a self-signed cert:
openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout mycert.pem -out mycert.pem
This will create a file called mycert.pem which contains both the private key and the self signed cert. Note in this example the key is unencrypted which is okay for testing purposes. Both key and cert are PEM encoded and include the standard header and footer lines.