Java and SSL: Creating a Certificate Signing Request from Java

This post is part of a series about the worlds of Java and SSL.  I hope to do 1 post a day on this topic. The resulting posts will become the basis for another section of a talk that I am scheduled to give on August 10 at the Boulder/Denver Cybersecurity Meetup.

Creating a CSR from Java:

X500Name x500Name = new X500Name(distinguishedName);

String signatureAlgorithmName = "SHA1WithRSA";
Signature signature = Signature.getInstance(signatureAlgorithmName);
signature.initSign(getPrivateKey());

PKCS10 pkcs10 = new PKCS10(getPublicKey());
pkcs10.encodeAndSign(x500Name,signature);

return pkcs10;

This was relatively easy to find out how to do.  The one snag I hit was around the "encodeAndSign" method, which at first I thought needed an instance of X500Singer.  It seems that support was dropped for X500Singer as of JDK1.7.  It turned out that X500Singer is not needed, and that it just needs an instance of X500Name.