<%@ page language="java" import="java.util.*" pageEncoding="GBK"%>
<%@ page import="java.lang.*,java.io.*"%>
<html>
<head>
<title>IE中自动安装数字证书测试</title>
</head>
<body>
IE中使用XEnroll.InstallPKCS7自动安装根数字证书
<br />
备注:这里测试的根证书采用Base64编码 X.509格式(CER)
<br />
<%
StringBuffer server_cert =new StringBuffer();
try {
java.net.URL url =config.getServletContext().getResource("/base64_root_comsys.cer");
BufferedReader breader =new BufferedReader(new InputStreamReader(url.openStream()));
}
catch(Exception e)
{
e.printStackTrace();
out.println("<HTML><BODY><P>");
out.println("<h2>读取证书文件出错</h2> <br/>");
out.println(e.toString());
out.println("</P></BODY></HTML>");
out.flush();
out.close();
}
String Agent = request.getHeader("User-Agent");
StringTokenizer st = new StringTokenizer(Agent,";");
st.nextToken();
String userBrowser = st.nextToken();
String userOS = st.nextToken();
out.println("你的操作系统为:");
out.println(userOS);
String activexLib="XEnroll";
//检查是否是Windows Vista,Windows 2008,Windows 7,在Vista,Windows 2008,Windows 7上,需要使用 CertEnroll.dll
//Windows 2008 Server, IE7 User-Agent header: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.2;...
//Windows Vista, IE7 User-Agent header: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0;...
//Windows 7,IE8 User-Agent header: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1;...
if(userOS.indexOf("Windows NT 6.0")>-1 || userOS.indexOf("Windows NT 6.1")>-1 || userOS.indexOf("Windows NT 5.2")>-1){
activexLib="CertEnroll";
}
String sPKCS7=server_cert.toString();
sPKCS7="-----BEGIN CERTIFICATE-----MIIDZzCCAk+gAwIBAgIJAJrhdPt6af7nMA0GCSqGSIb3DQEBBAUAMGoxFjAUBgNVBAoTDWNvbXN5cy5uZXQuY24xDTALBgNVBAsTBFVDSVQxHjAcBgNVBAMTFUNPTVNZUy5ORVQuQ04gUk9PVCBDQTEhMB8GCSqGSIb3DQEJARYSbGlhb2ppZmVuZ0AxNjMuY29tMB4XDTExMDQyMjAyMTkzMFoXDTE3MDQyMDAyMTkzMFowajEWMBQGA1UEChMNY29tc3lzLm5ldC5jbjENMAsGA1UECxMEVUNJVDEeMBwGA1UEAxMVQ09NU1lTLk5FVC5DTiBST09UIENBMSEwHwYJKoZIhvcNAQkBFhJsaWFvamlmZW5nQDE2My5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnYB2tr8D3IcPND9tCh4c1GMnL15hdJ5oYJ12DpoaEbCciELkOmogaQ2IjVSLBCfHZKkX6X9hJqdCHH2oiGvNZyuN5mjfy+KWuebs7r9sqaTzJ6/e1vgSaiYox1DIO+oI59MH22jH3i8OMw2qbE3TqlLvVmZBflomVkGIOz95iJOzKOJwIUA3VhFYvI/Wlf4NzqfOL0zNNmoFUcD4BYVAqhVa570FFxEaGl8DvLaKUraKfho6zRHVc7MrjFrI6SlSRhe2hi/c24HrOpzoUPD46zztL/v6sSV37chsf6+V44WO4rCth0wEZzws8Hd6ch8NsUcMJjM8IOG2NMrn6x0CLAgMBAAGjEDAOMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADggEBAD4UIk7CVBwsK7DWg74eM2zwfU4bFm02BKMVFDVNwwTdjdcGSlxrNChbymHFuhG00USxy9/d4ApWxUX/y3MxmkXusENE2Rg6Wk92k6SCfbhIOXUrI+0YxXNAjInIcABsasOZAZ/ECuIuQbap5UyEHCiy0VJKRKKNCthE2dBbnTLaS1ierSuWubuyOMGDtQTCdjU7zYjwGLSLNXkUGNfG+t5XkltXRNFxUgkVh6q2sHxo76I2taya4KQp2SM6W4t8tdJXzBvdI1me5bT7sWDu4fYwsTnjwQACXrb6PKi86jq3YxP3DV/t+Beq87NP2mJg+0Ind8RNTenM714R7VtFrz8=-----END CERTIFICATE-----";
%>
<% if(activexLib.equals("XEnroll")){ %>
<object id="XEnroll" classid="clsid:127698e4-e730-4e5c-a2b1-21490a70c8a1" codebase="xenroll.dll">
</object>
<SCRIPT language="VBSCRIPT">
ON ERROR resume next
sPKCS7="-----BEGIN CERTIFICATE-----MIIDZzCCAk+gAwIBAgIJAJrhdPt6af7nMA0GCSqGSIb3DQEBBAUAMGoxFjAUBgNVBAoTDWNvbXN5cy5uZXQuY24xDTALBgNVBAsTBFVDSVQxHjAcBgNVBAMTFUNPTVNZUy5ORVQuQ04gUk9PVCBDQTEhMB8GCSqGSIb3DQEJARYSbGlhb2ppZmVuZ0AxNjMuY29tMB4XDTExMDQyMjAyMTkzMFoXDTE3MDQyMDAyMTkzMFowajEWMBQGA1UEChMNY29tc3lzLm5ldC5jbjENMAsGA1UECxMEVUNJVDEeMBwGA1UEAxMVQ09NU1lTLk5FVC5DTiBST09UIENBMSEwHwYJKoZIhvcNAQkBFhJsaWFvamlmZW5nQDE2My5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnYB2tr8D3IcPND9tCh4c1GMnL15hdJ5oYJ12DpoaEbCciELkOmogaQ2IjVSLBCfHZKkX6X9hJqdCHH2oiGvNZyuN5mjfy+KWuebs7r9sqaTzJ6/e1vgSaiYox1DIO+oI59MH22jH3i8OMw2qbE3TqlLvVmZBflomVkGIOz95iJOzKOJwIUA3VhFYvI/Wlf4NzqfOL0zNNmoFUcD4BYVAqhVa570FFxEaGl8DvLaKUraKfho6zRHVc7MrjFrI6SlSRhe2hi/c24HrOpzoUPD46zztL/v6sSV37chsf6+V44WO4rCth0wEZzws8Hd6ch8NsUcMJjM8IOG2NMrn6x0CLAgMBAAGjEDAOMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADggEBAD4UIk7CVBwsK7DWg74eM2zwfU4bFm02BKMVFDVNwwTdjdcGSlxrNChbymHFuhG00USxy9/d4ApWxUX/y3MxmkXusENE2Rg6Wk92k6SCfbhIOXUrI+0YxXNAjInIcABsasOZAZ/ECuIuQbap5UyEHCiy0VJKRKKNCthE2dBbnTLaS1ierSuWubuyOMGDtQTCdjU7zYjwGLSLNXkUGNfG+t5XkltXRNFxUgkVh6q2sHxo76I2taya4KQp2SM6W4t8tdJXzBvdI1me5bT7sWDu4fYwsTnjwQACXrb6PKi86jq3YxP3DV/t+Beq87NP2mJg+0Ind8RNTenM714R7VtFrz8=-----END CERTIFICATE-----"
XEnroll.InstallPKCS7 sPKCS7
//XEnroll.InstallPKCS7用于安装根证书。
XEnroll.InstallPKCS7 sPKCS7
if err.Number <> 0 then
if err.number = -2146885628 then
MsgBox "Keyset does not exist"
else
MsgBox "证书下载时出错,错误号="&err.description
end if
else
MsgBox "证书已成功装入"
end if
</script>
<% }
else {%>
<!--
//方法来源://http://blogs.msdn.com/alejacma/archive/2009/01/28/how-to-create-a-certificate-request-with-certenroll-javascript.aspx
//Vista下由于暂时没有测试环境,方法尚待验证
-->
<object id="objCertEnrollClassFactory" classid="clsid:884e2049-217d-11da-b2a4-000e7bbb2b09"></object>
<script language="javascript">
function InstallCert(){
document.write("<br>Installing certificate...");
try {
// Variables
var objEnroll = objCertEnrollClassFactory.CreateObject("X509Enrollment.CX509Enrollment")
var sPKCS7 = "<%= sPKCS7 %>"
objEnroll.Initialize(1); // ContextUser
objEnroll.InstallResponse(0, sPKCS7, 6, "");
// AllowNone = 0, XCN_CRYPT_STRING_BASE64_ANY = 6
}catch (err)
{
document.write("<br>" + err.description);
return false;
}
return true;
}
InstallCert();
</script>
<% } %>
<%/*
out.println("用下载方式下载p12格式的文件下载后安装");
ClassLoader cl = this.getClass().getClassLoader();
try
{
InputStream is = cl.getResourceAsStream("liangchuan.p12");
//response.setContentType("application/x-x509-ca-cert");
response.setContentType("application/x-pkcs12");
response.addHeader("Content-Disposition", "attachment; filename=liangchuan.p12");
OutputStream os = response.getOutputStream();
//InputStream is = new FileInputStream(fileName);
while (is.available() > 0)
{
char c = (char) is.read();
os.write(c); }
os.flush();
is.close(); }
catch (Exception e) {
out.println("<HTML><BODY><P>");
out.println("<h2>下载证书文件出错</h2> <br/>");
out.println(e.toString());
out.println("</P></BODY></HTML>");
out.flush();
out.close(); }*/%>
</body>
</html>
<%@ page import="java.lang.*,java.io.*"%>
<html>
<head>
<title>IE中自动安装数字证书测试</title>
</head>
<body>
IE中使用XEnroll.InstallPKCS7自动安装根数字证书
<br />
备注:这里测试的根证书采用Base64编码 X.509格式(CER)
<br />
<%
StringBuffer server_cert =new StringBuffer();
try {
java.net.URL url =config.getServletContext().getResource("/base64_root_comsys.cer");
BufferedReader breader =new BufferedReader(new InputStreamReader(url.openStream()));
}
catch(Exception e)
{
e.printStackTrace();
out.println("<HTML><BODY><P>");
out.println("<h2>读取证书文件出错</h2> <br/>");
out.println(e.toString());
out.println("</P></BODY></HTML>");
out.flush();
out.close();
}
String Agent = request.getHeader("User-Agent");
StringTokenizer st = new StringTokenizer(Agent,";");
st.nextToken();
String userBrowser = st.nextToken();
String userOS = st.nextToken();
out.println("你的操作系统为:");
out.println(userOS);
String activexLib="XEnroll";
//检查是否是Windows Vista,Windows 2008,Windows 7,在Vista,Windows 2008,Windows 7上,需要使用 CertEnroll.dll
//Windows 2008 Server, IE7 User-Agent header: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.2;...
//Windows Vista, IE7 User-Agent header: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0;...
//Windows 7,IE8 User-Agent header: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1;...
if(userOS.indexOf("Windows NT 6.0")>-1 || userOS.indexOf("Windows NT 6.1")>-1 || userOS.indexOf("Windows NT 5.2")>-1){
activexLib="CertEnroll";
}
String sPKCS7=server_cert.toString();
sPKCS7="-----BEGIN CERTIFICATE-----MIIDZzCCAk+gAwIBAgIJAJrhdPt6af7nMA0GCSqGSIb3DQEBBAUAMGoxFjAUBgNVBAoTDWNvbXN5cy5uZXQuY24xDTALBgNVBAsTBFVDSVQxHjAcBgNVBAMTFUNPTVNZUy5ORVQuQ04gUk9PVCBDQTEhMB8GCSqGSIb3DQEJARYSbGlhb2ppZmVuZ0AxNjMuY29tMB4XDTExMDQyMjAyMTkzMFoXDTE3MDQyMDAyMTkzMFowajEWMBQGA1UEChMNY29tc3lzLm5ldC5jbjENMAsGA1UECxMEVUNJVDEeMBwGA1UEAxMVQ09NU1lTLk5FVC5DTiBST09UIENBMSEwHwYJKoZIhvcNAQkBFhJsaWFvamlmZW5nQDE2My5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnYB2tr8D3IcPND9tCh4c1GMnL15hdJ5oYJ12DpoaEbCciELkOmogaQ2IjVSLBCfHZKkX6X9hJqdCHH2oiGvNZyuN5mjfy+KWuebs7r9sqaTzJ6/e1vgSaiYox1DIO+oI59MH22jH3i8OMw2qbE3TqlLvVmZBflomVkGIOz95iJOzKOJwIUA3VhFYvI/Wlf4NzqfOL0zNNmoFUcD4BYVAqhVa570FFxEaGl8DvLaKUraKfho6zRHVc7MrjFrI6SlSRhe2hi/c24HrOpzoUPD46zztL/v6sSV37chsf6+V44WO4rCth0wEZzws8Hd6ch8NsUcMJjM8IOG2NMrn6x0CLAgMBAAGjEDAOMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADggEBAD4UIk7CVBwsK7DWg74eM2zwfU4bFm02BKMVFDVNwwTdjdcGSlxrNChbymHFuhG00USxy9/d4ApWxUX/y3MxmkXusENE2Rg6Wk92k6SCfbhIOXUrI+0YxXNAjInIcABsasOZAZ/ECuIuQbap5UyEHCiy0VJKRKKNCthE2dBbnTLaS1ierSuWubuyOMGDtQTCdjU7zYjwGLSLNXkUGNfG+t5XkltXRNFxUgkVh6q2sHxo76I2taya4KQp2SM6W4t8tdJXzBvdI1me5bT7sWDu4fYwsTnjwQACXrb6PKi86jq3YxP3DV/t+Beq87NP2mJg+0Ind8RNTenM714R7VtFrz8=-----END CERTIFICATE-----";
%>
<% if(activexLib.equals("XEnroll")){ %>
<object id="XEnroll" classid="clsid:127698e4-e730-4e5c-a2b1-21490a70c8a1" codebase="xenroll.dll">
</object>
<SCRIPT language="VBSCRIPT">
ON ERROR resume next
sPKCS7="-----BEGIN CERTIFICATE-----MIIDZzCCAk+gAwIBAgIJAJrhdPt6af7nMA0GCSqGSIb3DQEBBAUAMGoxFjAUBgNVBAoTDWNvbXN5cy5uZXQuY24xDTALBgNVBAsTBFVDSVQxHjAcBgNVBAMTFUNPTVNZUy5ORVQuQ04gUk9PVCBDQTEhMB8GCSqGSIb3DQEJARYSbGlhb2ppZmVuZ0AxNjMuY29tMB4XDTExMDQyMjAyMTkzMFoXDTE3MDQyMDAyMTkzMFowajEWMBQGA1UEChMNY29tc3lzLm5ldC5jbjENMAsGA1UECxMEVUNJVDEeMBwGA1UEAxMVQ09NU1lTLk5FVC5DTiBST09UIENBMSEwHwYJKoZIhvcNAQkBFhJsaWFvamlmZW5nQDE2My5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnYB2tr8D3IcPND9tCh4c1GMnL15hdJ5oYJ12DpoaEbCciELkOmogaQ2IjVSLBCfHZKkX6X9hJqdCHH2oiGvNZyuN5mjfy+KWuebs7r9sqaTzJ6/e1vgSaiYox1DIO+oI59MH22jH3i8OMw2qbE3TqlLvVmZBflomVkGIOz95iJOzKOJwIUA3VhFYvI/Wlf4NzqfOL0zNNmoFUcD4BYVAqhVa570FFxEaGl8DvLaKUraKfho6zRHVc7MrjFrI6SlSRhe2hi/c24HrOpzoUPD46zztL/v6sSV37chsf6+V44WO4rCth0wEZzws8Hd6ch8NsUcMJjM8IOG2NMrn6x0CLAgMBAAGjEDAOMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADggEBAD4UIk7CVBwsK7DWg74eM2zwfU4bFm02BKMVFDVNwwTdjdcGSlxrNChbymHFuhG00USxy9/d4ApWxUX/y3MxmkXusENE2Rg6Wk92k6SCfbhIOXUrI+0YxXNAjInIcABsasOZAZ/ECuIuQbap5UyEHCiy0VJKRKKNCthE2dBbnTLaS1ierSuWubuyOMGDtQTCdjU7zYjwGLSLNXkUGNfG+t5XkltXRNFxUgkVh6q2sHxo76I2taya4KQp2SM6W4t8tdJXzBvdI1me5bT7sWDu4fYwsTnjwQACXrb6PKi86jq3YxP3DV/t+Beq87NP2mJg+0Ind8RNTenM714R7VtFrz8=-----END CERTIFICATE-----"
XEnroll.InstallPKCS7 sPKCS7
//XEnroll.InstallPKCS7用于安装根证书。
XEnroll.InstallPKCS7 sPKCS7
if err.Number <> 0 then
if err.number = -2146885628 then
MsgBox "Keyset does not exist"
else
MsgBox "证书下载时出错,错误号="&err.description
end if
else
MsgBox "证书已成功装入"
end if
</script>
<% }
else {%>
<!--
//方法来源://http://blogs.msdn.com/alejacma/archive/2009/01/28/how-to-create-a-certificate-request-with-certenroll-javascript.aspx
//Vista下由于暂时没有测试环境,方法尚待验证
-->
<object id="objCertEnrollClassFactory" classid="clsid:884e2049-217d-11da-b2a4-000e7bbb2b09"></object>
<script language="javascript">
function InstallCert(){
document.write("<br>Installing certificate...");
try {
// Variables
var objEnroll = objCertEnrollClassFactory.CreateObject("X509Enrollment.CX509Enrollment")
var sPKCS7 = "<%= sPKCS7 %>"
objEnroll.Initialize(1); // ContextUser
objEnroll.InstallResponse(0, sPKCS7, 6, "");
// AllowNone = 0, XCN_CRYPT_STRING_BASE64_ANY = 6
}catch (err)
{
document.write("<br>" + err.description);
return false;
}
return true;
}
InstallCert();
</script>
<% } %>
<%/*
out.println("用下载方式下载p12格式的文件下载后安装");
ClassLoader cl = this.getClass().getClassLoader();
try
{
InputStream is = cl.getResourceAsStream("liangchuan.p12");
//response.setContentType("application/x-x509-ca-cert");
response.setContentType("application/x-pkcs12");
response.addHeader("Content-Disposition", "attachment; filename=liangchuan.p12");
OutputStream os = response.getOutputStream();
//InputStream is = new FileInputStream(fileName);
while (is.available() > 0)
{
char c = (char) is.read();
os.write(c); }
os.flush();
is.close(); }
catch (Exception e) {
out.println("<HTML><BODY><P>");
out.println("<h2>下载证书文件出错</h2> <br/>");
out.println(e.toString());
out.println("</P></BODY></HTML>");
out.flush();
out.close(); }*/%>
</body>
</html>
在win7 下有问题 :
报“CertEnroll::CX509Enrollment::InstallResponse: 已处理证书链,但是在不受信任提供程序信任的根证书中终止。 0x800b0109 (-2146762487)错误”
将objEnroll.InstallResponse(0, sPKCS7, 6, ""); 改成objEnroll.InstallResponse(4, sPKCS7, 6, ""); 但只能安装“中级证书颁发机构” 达不到目的
http://msdn.microsoft.com/en-us/library/aa378051(v=vs.85).aspx