• 自动安装数字证书根证书


    <%@ page language="java" import="java.util.*" pageEncoding="GBK"%>
    <%@ page import="java.lang.*,java.io.*"%>
    <html>
        
    <head>
            
    <title>IE中自动安装数字证书测试</title>
        
    </head>
        
    <body>
            IE中使用XEnroll.InstallPKCS7自动安装根数字证书
            
    <br />
            备注:这里测试的根证书采用Base64编码 X.509格式(CER)
            
    <br />
    <%     
    StringBuffer server_cert 
    =new StringBuffer();
    try {    
        java.net.URL url 
    =config.getServletContext().getResource("/base64_root_comsys.cer");
        BufferedReader breader 
    =new BufferedReader(new InputStreamReader(url.openStream()));
    }
    catch(Exception e)
    {
        e.printStackTrace();
        out.println(
    "<HTML><BODY><P>");    
        out.println(
    "<h2>读取证书文件出错</h2> <br/>");    
        out.println(e.toString());    
        out.println(
    "</P></BODY></HTML>");    
        out.flush();    
        out.close();
    }
    String Agent 
    = request.getHeader("User-Agent");
    StringTokenizer st 
    = new StringTokenizer(Agent,";");
    st.nextToken();
    String userBrowser 
    = st.nextToken();
    String userOS 
    = st.nextToken();
    out.println(
    "你的操作系统为:");
    out.println(userOS);
    String activexLib
    ="XEnroll";
    //检查是否是Windows Vista,Windows 2008,Windows 7,在Vista,Windows 2008,Windows 7上,需要使用 CertEnroll.dll
    //Windows 2008 Server, IE7 User-Agent header: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.2;...
    //Windows Vista, IE7 User-Agent header: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0;...
    //Windows 7,IE8 User-Agent header: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1;...

    if(userOS.indexOf("Windows NT 6.0")>-1 || userOS.indexOf("Windows NT 6.1")>-1 || userOS.indexOf("Windows NT 5.2")>-1){
            activexLib
    ="CertEnroll";
        }
        String sPKCS7
    =server_cert.toString();
        sPKCS7
    ="-----BEGIN CERTIFICATE-----MIIDZzCCAk+gAwIBAgIJAJrhdPt6af7nMA0GCSqGSIb3DQEBBAUAMGoxFjAUBgNVBAoTDWNvbXN5cy5uZXQuY24xDTALBgNVBAsTBFVDSVQxHjAcBgNVBAMTFUNPTVNZUy5ORVQuQ04gUk9PVCBDQTEhMB8GCSqGSIb3DQEJARYSbGlhb2ppZmVuZ0AxNjMuY29tMB4XDTExMDQyMjAyMTkzMFoXDTE3MDQyMDAyMTkzMFowajEWMBQGA1UEChMNY29tc3lzLm5ldC5jbjENMAsGA1UECxMEVUNJVDEeMBwGA1UEAxMVQ09NU1lTLk5FVC5DTiBST09UIENBMSEwHwYJKoZIhvcNAQkBFhJsaWFvamlmZW5nQDE2My5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnYB2tr8D3IcPND9tCh4c1GMnL15hdJ5oYJ12DpoaEbCciELkOmogaQ2IjVSLBCfHZKkX6X9hJqdCHH2oiGvNZyuN5mjfy+KWuebs7r9sqaTzJ6/e1vgSaiYox1DIO+oI59MH22jH3i8OMw2qbE3TqlLvVmZBflomVkGIOz95iJOzKOJwIUA3VhFYvI/Wlf4NzqfOL0zNNmoFUcD4BYVAqhVa570FFxEaGl8DvLaKUraKfho6zRHVc7MrjFrI6SlSRhe2hi/c24HrOpzoUPD46zztL/v6sSV37chsf6+V44WO4rCth0wEZzws8Hd6ch8NsUcMJjM8IOG2NMrn6x0CLAgMBAAGjEDAOMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADggEBAD4UIk7CVBwsK7DWg74eM2zwfU4bFm02BKMVFDVNwwTdjdcGSlxrNChbymHFuhG00USxy9/d4ApWxUX/y3MxmkXusENE2Rg6Wk92k6SCfbhIOXUrI+0YxXNAjInIcABsasOZAZ/ECuIuQbap5UyEHCiy0VJKRKKNCthE2dBbnTLaS1ierSuWubuyOMGDtQTCdjU7zYjwGLSLNXkUGNfG+t5XkltXRNFxUgkVh6q2sHxo76I2taya4KQp2SM6W4t8tdJXzBvdI1me5bT7sWDu4fYwsTnjwQACXrb6PKi86jq3YxP3DV/t+Beq87NP2mJg+0Ind8RNTenM714R7VtFrz8=-----END CERTIFICATE-----";        
    %>
            
    <% if(activexLib.equals("XEnroll")){ %>
            
    <object id="XEnroll" classid="clsid:127698e4-e730-4e5c-a2b1-21490a70c8a1" codebase="xenroll.dll">
            
    </object>
            
    <SCRIPT language="VBSCRIPT">
                ON ERROR resume next
                sPKCS7
    ="-----BEGIN CERTIFICATE-----MIIDZzCCAk+gAwIBAgIJAJrhdPt6af7nMA0GCSqGSIb3DQEBBAUAMGoxFjAUBgNVBAoTDWNvbXN5cy5uZXQuY24xDTALBgNVBAsTBFVDSVQxHjAcBgNVBAMTFUNPTVNZUy5ORVQuQ04gUk9PVCBDQTEhMB8GCSqGSIb3DQEJARYSbGlhb2ppZmVuZ0AxNjMuY29tMB4XDTExMDQyMjAyMTkzMFoXDTE3MDQyMDAyMTkzMFowajEWMBQGA1UEChMNY29tc3lzLm5ldC5jbjENMAsGA1UECxMEVUNJVDEeMBwGA1UEAxMVQ09NU1lTLk5FVC5DTiBST09UIENBMSEwHwYJKoZIhvcNAQkBFhJsaWFvamlmZW5nQDE2My5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnYB2tr8D3IcPND9tCh4c1GMnL15hdJ5oYJ12DpoaEbCciELkOmogaQ2IjVSLBCfHZKkX6X9hJqdCHH2oiGvNZyuN5mjfy+KWuebs7r9sqaTzJ6/e1vgSaiYox1DIO+oI59MH22jH3i8OMw2qbE3TqlLvVmZBflomVkGIOz95iJOzKOJwIUA3VhFYvI/Wlf4NzqfOL0zNNmoFUcD4BYVAqhVa570FFxEaGl8DvLaKUraKfho6zRHVc7MrjFrI6SlSRhe2hi/c24HrOpzoUPD46zztL/v6sSV37chsf6+V44WO4rCth0wEZzws8Hd6ch8NsUcMJjM8IOG2NMrn6x0CLAgMBAAGjEDAOMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADggEBAD4UIk7CVBwsK7DWg74eM2zwfU4bFm02BKMVFDVNwwTdjdcGSlxrNChbymHFuhG00USxy9/d4ApWxUX/y3MxmkXusENE2Rg6Wk92k6SCfbhIOXUrI+0YxXNAjInIcABsasOZAZ/ECuIuQbap5UyEHCiy0VJKRKKNCthE2dBbnTLaS1ierSuWubuyOMGDtQTCdjU7zYjwGLSLNXkUGNfG+t5XkltXRNFxUgkVh6q2sHxo76I2taya4KQp2SM6W4t8tdJXzBvdI1me5bT7sWDu4fYwsTnjwQACXrb6PKi86jq3YxP3DV/t+Beq87NP2mJg+0Ind8RNTenM714R7VtFrz8=-----END CERTIFICATE-----"
                XEnroll.InstallPKCS7 sPKCS7
                
    //XEnroll.InstallPKCS7用于安装根证书。        
                XEnroll.InstallPKCS7 sPKCS7     
                 
    if err.Number <> 0 then           
                     
    if err.number = -2146885628 then               
                         MsgBox 
    "Keyset does not exist"            
                     
    else               
                         MsgBox 
    "证书下载时出错,错误号="&err.description            
                     end 
    if        
                
    else            
                    MsgBox 
    "证书已成功装入"        
                end 
    if
        
    </script>
            
    <% } 
    else {%>
    <!--  
            
    //方法来源://http://blogs.msdn.com/alejacma/archive/2009/01/28/how-to-create-a-certificate-request-with-certenroll-javascript.aspx
            
    //Vista下由于暂时没有测试环境,方法尚待验证
    -->
            
    <object id="objCertEnrollClassFactory" classid="clsid:884e2049-217d-11da-b2a4-000e7bbb2b09"></object>
            
    <script language="javascript">
              function InstallCert(){
                    document.write(
    "<br>Installing certificate...");        
                    
    try {            
                        
    // Variables            
                        var objEnroll = objCertEnrollClassFactory.CreateObject("X509Enrollment.CX509Enrollment")            
                        var sPKCS7 
    = "<%= sPKCS7 %>"            
                        objEnroll.Initialize(
    1); // ContextUser            
                        objEnroll.InstallResponse(0, sPKCS7, 6""); 
                        
    // AllowNone = 0, XCN_CRYPT_STRING_BASE64_ANY = 6        
                    }catch (err) 
                    {            
                        document.write(
    "<br>" + err.description);            
                        
    return false;       
                     }    
                    
    return true;
                }    
            InstallCert();     
    </script>
            
    <% } %>
            
    <%/*
    out.println("用下载方式下载p12格式的文件下载后安装"); 
    ClassLoader cl = this.getClass().getClassLoader();
    try 
    {    
    InputStream is = cl.getResourceAsStream("liangchuan.p12");   
     //response.setContentType("application/x-x509-ca-cert");   
     response.setContentType("application/x-pkcs12");    
    response.addHeader("Content-Disposition", "attachment; filename=liangchuan.p12");   
     OutputStream os = response.getOutputStream();    
    //InputStream is = new FileInputStream(fileName);   
     while (is.available() > 0) 
    {        
    char c = (char) is.read();       
     os.write(c);    }    
    os.flush();    
    is.close(); } 
    catch (Exception e) {     
    out.println("<HTML><BODY><P>");    
    out.println("<h2>下载证书文件出错</h2> <br/>");    
    out.println(e.toString());    
    out.println("</P></BODY></HTML>");    
    out.flush();    
    out.close(); }
    */%>
        
    </body>
    </html>

    在win7 下有问题 :

    报“CertEnroll::CX509Enrollment::InstallResponse: 已处理证书链,但是在不受信任提供程序信任的根证书中终止。 0x800b0109 (-2146762487)错误”
    将objEnroll.InstallResponse(0, sPKCS7, 6"");   改成objEnroll.InstallResponse(4, sPKCS7, 6""); 但只能安装“中级证书颁发机构”  达不到目的

     

    http://msdn.microsoft.com/en-us/library/aa378051(v=vs.85).aspx


  • 相关阅读:
    Serialize&Deserialize
    Async&Await
    Generic
    Enum
    Array
    String
    Nullable
    Collection
    Class&Struct
    Interface
  • 原文地址:https://www.cnblogs.com/jifeng/p/2040048.html
Copyright © 2020-2023  润新知