lywsvip/pay-java-parent
1
0
Fork 0
mirror of https://gitee.com/egzosn/pay-java-parent.git synced 2026-05-09 04:25:54 +08:00
Code Issues Packages Projects Releases Wiki Activity

优化证书相关操作,新增证书的存储方式

Browse Source
This commit is contained in:
egan
2019-04-15 00:08:09 +08:00
parent 6e5ba155c8
commit b29bd06e77
17 changed files with 572 additions and 471 deletions
Download Patch File Download Diff File Expand all files Collapse all files

53
pay-java-common/src/main/java/com/egzosn/pay/common/api/BasePayConfigStorage.java
View File

@@ -1,8 +1,7 @@
package com.egzosn.pay.common.api;
import com.egzosn.pay.common.bean.CertStoreType;
import com.egzosn.pay.common.bean.MsgType;
import com.egzosn.pay.common.bean.result.PayException;
import com.egzosn.pay.common.exception.PayErrorException;
import com.egzosn.pay.common.util.sign.CertDescriptor;
import java.util.concurrent.locks.Lock;
@@ -19,61 +18,57 @@ import java.util.concurrent.locks.ReentrantLock;
*/
public abstract class BasePayConfigStorage implements PayConfigStorage {
private Object attach;
/**
* 证书管理器
*/
private CertDescriptor certDescriptor;
private Object attach;
/**
* 应用私钥rsa_private pkcs8格式 生成签名时使用
*/
private String keyPrivate;
private String keyPrivate;
/**
* 应用私钥rsa_private pkcs8格式 生成签名时使用
* 应用私钥证书rsa_private pkcs8格式 生成签名时使用
*/
private String keyPrivateCertPwd;
private String keyPrivateCertPwd;
/**
* 支付平台公钥(签名校验使用)
*/
private String keyPublic;
private String keyPublic;
/**
* 异步回调地址
*/
private String notifyUrl;
private String notifyUrl;
/**
* 同步回调地址,支付完成后展示的页面
*/
private String returnUrl;
private String returnUrl;
/**
* 签名加密类型
*/
private String signType;
private String signType;
/**
* 字符类型
*/
private String inputCharset;
private String inputCharset;
/**
* 支付类型 aliPay 支付宝, wxPay微信..等等,扩展支付模块定义唯一。
*/
private String payType;
private String payType;
/**
* 消息来源类型
*/
private MsgType msgType;
private MsgType msgType;
/**
* 访问令牌 每次请求其他方法都要传入的值
*/
private String accessToken;
private String accessToken;
/**
* access token 到期时间时间戳
*/
private long expiresTime;
private long expiresTime;
/**
* 授权码锁
*/
@@ -88,10 +83,6 @@ public abstract class BasePayConfigStorage implements PayConfigStorage {
*/
private boolean isCertSign = false;
/**
* 支付回调消息
*/
protected PayMessageHandler handler;
@Override
public Object getAttach() {
@@ -102,17 +93,6 @@ public abstract class BasePayConfigStorage implements PayConfigStorage {
this.attach = attach;
}
@Override
public CertDescriptor getCertDescriptor() {
if (!isCertSign) {
throw new PayErrorException(new PayException("certDescriptor fail", "isCertSign is false"));
}
if (null == certDescriptor) {
certDescriptor = new CertDescriptor();
}
return certDescriptor;
}
@Override
public String getKeyPrivate() {
return keyPrivate;
@@ -121,6 +101,7 @@ public abstract class BasePayConfigStorage implements PayConfigStorage {
public void setKeyPrivate(String keyPrivate) {
this.keyPrivate = keyPrivate;
}
@Override
public String getKeyPrivateCertPwd() {
return keyPrivateCertPwd;
@@ -148,7 +129,6 @@ public abstract class BasePayConfigStorage implements PayConfigStorage {
this.notifyUrl = notifyUrl;
}
@Override
public String getReturnUrl() {
return returnUrl;
@@ -264,9 +244,6 @@ public abstract class BasePayConfigStorage implements PayConfigStorage {
public void setCertSign(boolean certSign) {
isCertSign = certSign;
if (certSign) {
certDescriptor = new CertDescriptor();
}
}

5
pay-java-common/src/main/java/com/egzosn/pay/common/api/PayConfigStorage.java
View File

@@ -20,11 +20,6 @@ import java.util.concurrent.locks.Lock;
* @return 附加信息
*/
Object getAttach();
/**
* 获取证书解释器
* @return 证书解释器
*/
CertDescriptor getCertDescriptor();
/**
* 获取私钥证书密码

69
pay-java-common/src/main/java/com/egzosn/pay/common/bean/CertStoreType.java Normal file
View File

@@ -0,0 +1,69 @@
package com.egzosn.pay.common.bean;
import java.io.*;
/**
* 证书存储类型
*
* @author egan
* email egzosn@gmail.com
* date 2019/4/14.23:04
*/
public enum CertStoreType {
/**
* 路径,建议绝对路径
*/
PATH {
/**
* 证书信息转化为对应的输入流
*
* @param cert 证书信息
* @return 输入流
*/
@Override
public InputStream getInputStream(Object cert) throws IOException {
return new FileInputStream(new File((String) cert));
}
},
/**
* 文件流转化成字符串存储至文件或者数据库中
*/
STR {
/**
* 证书信息转化为对应的输入流
*
* @param cert 证书信息
* @return 输入流
*/
@Override
public InputStream getInputStream(Object cert) throws IOException {
return new ByteArrayInputStream(((String) cert).getBytes("ISO-8859-1"));
}
},
/**
* 文件流
*/
INPUT_STREAM {
/**
* 证书信息转化为对应的输入流
*
* @param cert 证书信息
* @return 输入流
*/
@Override
public InputStream getInputStream(Object cert) throws IOException {
return (InputStream) cert;
}
};
/**
* 证书信息转化为对应的输入流
*
* @param cert 证书信息
* @return 输入流
*/
public abstract InputStream getInputStream(Object cert) throws IOException;
}

104
pay-java-common/src/main/java/com/egzosn/pay/common/http/HttpConfigStorage.java
View File

@@ -1,6 +1,8 @@
package com.egzosn.pay.common.http;
import com.egzosn.pay.common.bean.CertStoreType;
import java.io.*;
/**
@@ -29,10 +31,12 @@ public class HttpConfigStorage {
*/
private String authPassword;
/**
* @see #keystore 是否为https请求所需的证书PKCS12的地址,默认为地址,否则为证书信息串
* 证书存储类型
* @see #keystore 是否为https请求所需的证书PKCS12的地址,默认为地址,否则为证书信息串,文件流
*/
private boolean isPath = true;
private CertStoreType certStoreType = CertStoreType.PATH;
/**
* https请求所需的证书PKCS12
@@ -104,109 +108,35 @@ public class HttpConfigStorage {
this.authPassword = authPassword;
}
/**
* 代理用户名
* @return 代理用户名
* @see #getAuthUsername()
*/
@Deprecated
public String getHttpProxyUsername() {
return authUsername;
public CertStoreType getCertStoreType() {
return certStoreType;
}
/**
* 设置代理用户名
* @param httpProxyUsername 代理用户名
* @see #setAuthUsername(String)
*/
@Deprecated
public void setHttpProxyUsername(String httpProxyUsername) {
this.authUsername = httpProxyUsername;
}
/**
* 代理密码
* @return 代理密码
* @see #getAuthPassword()
*/
@Deprecated
public String getHttpProxyPassword() {
return authPassword;
}
/**
* 设置代理密码
* @param httpProxyPassword 代理密码
* @see #setAuthPassword(String)
*/
@Deprecated
public void setHttpProxyPassword(String httpProxyPassword) {
this.authPassword = httpProxyPassword;
}
/**
* https请求所需的证书PKCS12地址请使用绝对路径
* @return 证书PKCS12地址
* @see #getKeystore()
*/
@Deprecated
public String getKeystorePath() {
return (String) keystore;
}
/**
* 设置https请求所需的证书PKCS12地址请使用绝对路径
* @param keystorePath 证书PKCS12地址
* @see #getKeystore()
*/
@Deprecated
public void setKeystorePath(String keystorePath) {
this.keystore = keystorePath;
}
/**
* 获取是否为证书地址
* @return 是否为证书地址,配合 {@link #getKeystore()}使用
*/
public boolean isPath() {
return isPath;
}
/**
* 设置是否为证书地址
* @param path 是否为证书地址
*/
public void setPath(boolean path) {
isPath = path;
public void setCertStoreType(CertStoreType certStoreType) {
this.certStoreType = certStoreType;
}
/**
* 获取证书信息
* @return 证书信息 根据 {@link #isPath()}进行区别地址与信息串
* @return 证书信息 根据 {@link #getCertStoreType()}进行区别地址与信息串
*/
public InputStream getKeystoreInputStream() throws FileNotFoundException, UnsupportedEncodingException {
if (null == keystore){
public InputStream getKeystoreInputStream() throws IOException {
if (null == keystore) {
return null;
}
if(isPath()){
return new FileInputStream(new File(getKeystoreStr()));
}
if(this.keystore instanceof String){
return new ByteArrayInputStream(getKeystoreStr().getBytes("ISO-8859-1"));
}
return (InputStream) keystore;
return certStoreType.getInputStream(keystore);
}
/**
* 获取证书信息
* @return 证书信息 根据 {@link #isPath()}进行区别地址与信息串
* @return 证书信息 根据 {@link #getCertStoreType()}进行区别地址与信息串
*/
public Object getKeystore() {
return keystore;
}
/**
* 获取证书信息 证书地址
* @return 证书信息 根据 {@link #isPath()}进行区别地址与信息串
* @return 证书信息 根据 {@link #getCertStoreType()}进行区别地址与信息串
*/
public String getKeystoreStr() {
return (String) keystore;

528
pay-java-common/src/main/java/com/egzosn/pay/common/util/sign/CertDescriptor.java
View File

@@ -1,16 +1,15 @@
/**
*
* Licensed Property to China UnionPay Co., Ltd.
*
* <p>
* (C) Copyright of China UnionPay Co., Ltd. 2010
* All Rights Reserved.
*
*
* All Rights Reserved.
* <p>
* <p>
* Modification History:
* =============================================================================
* Author Date Description
* ------------ ---------- ---------------------------------------------------
* xshu 2014-05-28 证书工具类.
* Author Date Description
* ------------ ---------- ---------------------------------------------------
* xshu 2014-05-28 证书工具类.
* =============================================================================
*/
package com.egzosn.pay.common.util.sign;
@@ -19,10 +18,15 @@ import com.egzosn.pay.common.util.str.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import java.io.*;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.security.*;
import java.security.cert.*;
import java.util.*;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
/**
@@ -31,227 +35,321 @@ import java.util.*;
* 声明:以下代码只是为了方便接入方测试而提供的样例代码,商户可以根据自己需要,按照技术文档编写。该代码仅供参考,不提供编码,性能,规范性等方面的保障
*/
public class CertDescriptor {
protected static final Log LOG = LogFactory.getLog(CertDescriptor.class);
/** 证书容器,存储对商户请求报文签名私钥证书. */
private KeyStore keyStore = null;
protected static final Log LOG = LogFactory.getLog(CertDescriptor.class);
/**
* 证书容器,存储对商户请求报文签名私钥证书.
*/
private KeyStore keyStore = null;
/** 验签公钥/中级证书 */
private X509Certificate publicKeyCert = null;
/** 验签根证书 */
private X509Certificate rootKeyCert = null;
/**
* 验签公钥/中级证书
*/
private X509Certificate publicKeyCert = null;
/**
* 验签根证书
*/
private X509Certificate rootKeyCert = null;
/**
* 通过证书路径初始化为公钥证书
*
* @param certIn 证书流
* @return X509 证书
*/
private static X509Certificate initCert(InputStream certIn) {
X509Certificate encryptCertTemp = null;
CertificateFactory cf = null;
try {
cf = CertificateFactory.getInstance("X.509");
encryptCertTemp = (X509Certificate) cf.generateCertificate(certIn);
// 打印证书加载信息,供测试阶段调试
if (LOG.isWarnEnabled()) {
LOG.warn("[CertId=" + encryptCertTemp.getSerialNumber().toString() + "]");
}
} catch (CertificateException e) {
LOG.error("InitCert Error", e);
} finally {
if (null != certIn) {
try {
certIn.close();
} catch (IOException e) {
LOG.error(e.toString());
}
}
}
return encryptCertTemp;
}
/**
* 通过证书路径初始化为公钥证书
* @param path 证书地址
* @return X509 证书
*/
private static X509Certificate initCert(String path) {
X509Certificate encryptCertTemp = null;
CertificateFactory cf = null;
FileInputStream in = null;
try {
cf = CertificateFactory.getInstance("X.509");
in = new FileInputStream(path);
encryptCertTemp = (X509Certificate) cf.generateCertificate(in);
// 打印证书加载信息,供测试阶段调试
if (LOG.isWarnEnabled()) {
LOG.warn("[" + path + "][CertId=" + encryptCertTemp.getSerialNumber().toString() + "]");
}
} catch (CertificateException e) {
LOG.error("InitCert Error", e);
} catch (FileNotFoundException e) {
LOG.error("InitCert Error File Not Found", e);
}finally {
if (null != in) {
try {
in.close();
} catch (IOException e) {
LOG.error(e.toString());
}
}
}
return encryptCertTemp;
}
/**
* 通过证书路径初始化为公钥证书
*
* @param path 证书地址
* @return X509 证书
*/
private static X509Certificate initCert(String path) {
X509Certificate encryptCertTemp = null;
CertificateFactory cf = null;
FileInputStream in = null;
try {
in = new FileInputStream(path);
encryptCertTemp = initCert(in);
} catch (FileNotFoundException e) {
LOG.error("InitCert Error File Not Found", e);
}
return encryptCertTemp;
}
/**
* 通过keyStore 获取私钥签名证书PrivateKey对象
*
* @param pwd 证书对应密码
* @return PrivateKey 私钥
*/
public PrivateKey getSignCertPrivateKey(String pwd) {
try {
Enumeration<String> aliasenum = keyStore.aliases();
String keyAlias = null;
if (aliasenum.hasMoreElements()) {
keyAlias = aliasenum.nextElement();
}
PrivateKey privateKey = (PrivateKey) keyStore.getKey(keyAlias,
pwd.toCharArray());
return privateKey;
} catch (KeyStoreException e) {
LOG.error("getSignCertPrivateKey Error", e);
return null;
} catch (UnrecoverableKeyException e) {
LOG.error("getSignCertPrivateKey Error", e);
return null;
} catch (NoSuchAlgorithmException e) {
LOG.error("getSignCertPrivateKey Error", e);
return null;
}
}
/**
* 配置的签名私钥证书certId
*
* @return 证书的物理编号
*/
public String getSignCertId() {
try {
Enumeration<String> aliasenum = keyStore.aliases();
String keyAlias = null;
if (aliasenum.hasMoreElements()) {
keyAlias = aliasenum.nextElement();
}
X509Certificate cert = (X509Certificate) keyStore
.getCertificate(keyAlias);
return cert.getSerialNumber().toString();
} catch (Exception e) {
LOG.error("getSignCertId Error", e);
return null;
}
}
/**
* 通过keyStore 获取私钥签名证书PrivateKey对象
*
* @param pwd 证书对应密码
* @return PrivateKey 私钥
*/
public PrivateKey getSignCertPrivateKey(String pwd) {
try {
Enumeration<String> aliasenum = keyStore.aliases();
String keyAlias = null;
if (aliasenum.hasMoreElements()) {
keyAlias = aliasenum.nextElement();
}
PrivateKey privateKey = (PrivateKey) keyStore.getKey(keyAlias,
pwd.toCharArray());
return privateKey;
} catch (KeyStoreException e) {
LOG.error("getSignCertPrivateKey Error", e);
return null;
} catch (UnrecoverableKeyException e) {
LOG.error("getSignCertPrivateKey Error", e);
return null;
} catch (NoSuchAlgorithmException e) {
LOG.error("getSignCertPrivateKey Error", e);
return null;
}
}
/**
* 配置的签名私钥证书certId
*
* @return 证书的物理编号
*/
public String getSignCertId() {
try {
Enumeration<String> aliasenum = keyStore.aliases();
String keyAlias = null;
if (aliasenum.hasMoreElements()) {
keyAlias = aliasenum.nextElement();
}
X509Certificate cert = (X509Certificate) keyStore.getCertificate(keyAlias);
return cert.getSerialNumber().toString();
} catch (Exception e) {
LOG.error("getSignCertId Error", e);
return null;
}
}
/**
* 将签名私钥证书文件读取为证书存储对象
*
* @param signCertPath 证书文件名
* @param signCertPwd 证书密码
* @param signCertType 证书类型
*/
public void initPrivateSignCert(String signCertPath, String signCertPwd, String signCertType) {
/**
* 将签名私钥证书文件读取为证书存储对象
*
* @param signCertPath 证书文件名
* @param signCertPwd 证书密码
* @param signCertType 证书类型
*/
public void initPrivateSignCert(String signCertPath, String signCertPwd, String signCertType) {
if (null != keyStore) {
keyStore = null;
}
try {
keyStore = getKeyInfo(signCertPath, signCertPwd, signCertType);
if (LOG.isInfoEnabled()) {
LOG.info("InitSignCert Successful. CertId=[" + getSignCertId() + "]");
}
} catch (IOException e) {
LOG.error("InitSignCert Error", e);
}
}
if (null != keyStore) {
keyStore = null;
}
try {
keyStore = getKeyInfo(signCertPath, signCertPwd,signCertType);
if (LOG.isInfoEnabled()) {
LOG.info("InitSignCert Successful. CertId=[" + getSignCertId() + "]");
}
} catch (IOException e) {
LOG.error("InitSignCert Error", e);
}
}
/**
* 将签名私钥证书文件读取为证书存储对象
*
* @param signCert 证书文件
* @param signCertPwd 证书密码
* @param signCertType 证书类型
*/
public void initPrivateSignCert(InputStream signCert, String signCertPwd, String signCertType) {
/**
* 将签名私钥证书文件读取为证书存储对象
*
* @param pfxkeyfile 证书文件名
* @param keypwd 证书密码
* @param type 证书类型
* @return 证书对象
* @throws IOException
*/
private KeyStore getKeyInfo(String pfxkeyfile, String keypwd, String type) throws IOException {
if (LOG.isWarnEnabled()) {
LOG.warn("加载签名证书==>" + pfxkeyfile);
}
try(FileInputStream fis = new FileInputStream(pfxkeyfile);) {
KeyStore ks = KeyStore.getInstance(type);
if (LOG.isWarnEnabled()) {
LOG.warn("Load RSA CertPath=[" + pfxkeyfile + "],Pwd=["+ keypwd + "],type=["+type+"]");
}
if (null != keyStore) {
keyStore = null;
}
keyStore = getKeyInfo(signCert, signCertPwd, signCertType);
if (LOG.isInfoEnabled()) {
LOG.info("InitSignCert Successful. CertId=[" + getSignCertId() + "]");
}
}
char[] nPassword = null;
nPassword = null == keypwd || "".equals(keypwd.trim()) ? null: keypwd.toCharArray();
if (null != ks) {
ks.load(fis, nPassword);
}
return ks;
} catch (Exception e) {
LOG.error("getKeyInfo Error", e);
return null;
}
}
/**
* 将签名私钥证书文件读取为证书存储对象
*
* @param fxKeyFile 证书文件名
* @param keyPwd 证书密码
* @param type 证书类型
* @return 证书对象
* @throws IOException
*/
private KeyStore getKeyInfo(String fxKeyFile, String keyPwd, String type) throws IOException {
if (LOG.isWarnEnabled()) {
LOG.warn("加载签名证书==>" + fxKeyFile);
}
FileInputStream fis = new FileInputStream(fxKeyFile);
return getKeyInfo(fis, keyPwd, type);
/**
* 通过keystore获取私钥证书的certId值
* @param keyStore
* @return
*/
private String getCertIdIdByStore(KeyStore keyStore) {
Enumeration<String> aliasenum = null;
try {
aliasenum = keyStore.aliases();
String keyAlias = null;
if (aliasenum.hasMoreElements()) {
keyAlias = aliasenum.nextElement();
}
X509Certificate cert = (X509Certificate) keyStore
.getCertificate(keyAlias);
return cert.getSerialNumber().toString();
} catch (KeyStoreException e) {
LOG.error("getCertIdIdByStore Error", e);
return null;
}
}
}
/**
* 将签名私钥证书文件读取为证书存储对象
*
* @param fxKeyFile 证书文件
* @param keyPwd 证书密码
* @param type 证书类型
* @return 证书对象
* @throws IOException
*/
public KeyStore getKeyInfo(InputStream fxKeyFile, String keyPwd, String type) {
try {
KeyStore ks = KeyStore.getInstance(type);
if (LOG.isWarnEnabled()) {
LOG.warn("Load RSA CertPath,Pwd=[" + keyPwd + "],type=[" + type + "]");
}
char[] nPassword = null;
nPassword = null == keyPwd || "".equals(keyPwd.trim()) ? null : keyPwd.toCharArray();
if (null != ks) {
ks.load(fxKeyFile, nPassword);
}
return ks;
} catch (Exception e) {
LOG.error("getKeyInfo Error", e);
return null;
} finally {
if (null != fxKeyFile) {
try {
fxKeyFile.close();
} catch (IOException e) {
LOG.error("getKeyInfo Error", e);
}
}
}
}
/**
* 通过keystore获取私钥证书的certId值
*
* @param keyStore
* @return
*/
private String getCertIdIdByStore(KeyStore keyStore) {
Enumeration<String> aliasenum = null;
try {
aliasenum = keyStore.aliases();
String keyAlias = null;
if (aliasenum.hasMoreElements()) {
keyAlias = aliasenum.nextElement();
}
X509Certificate cert = (X509Certificate) keyStore
.getCertificate(keyAlias);
return cert.getSerialNumber().toString();
} catch (KeyStoreException e) {
LOG.error("getCertIdIdByStore Error", e);
return null;
}
}
/**
* 加载中级证书
* @param certPath 证书地址
*/
public void initPublicCert(String certPath) {
if (!StringUtils.isEmpty(certPath)) {
publicKeyCert = initCert(certPath);
if (LOG.isInfoEnabled()) {
LOG.info("Load PublicKeyCert Successful");
}
} else if (LOG.isInfoEnabled()) {
LOG.info("PublicKeyCert is empty");
}
}
/**
* 加载证书
* @param certPath 证书地址
*/
public void initRootCert(String certPath) {
if (!StringUtils.isEmpty(certPath)) {
rootKeyCert = initCert(certPath);
if (LOG.isInfoEnabled()) {
LOG.info("Load RootCert Successful");
}
} else if (LOG.isInfoEnabled()) {
LOG.info("RootCert is empty");
}
}
/**
* 加载中级证书
*
* @param certPath 证书地址
*/
public void initPublicCert(String certPath) {
if (!StringUtils.isEmpty(certPath)) {
publicKeyCert = initCert(certPath);
if (LOG.isInfoEnabled()) {
LOG.info("Load PublicKeyCert Successful");
}
} else if (LOG.isInfoEnabled()) {
LOG.info("PublicKeyCert is empty");
}
}
/**
* 获取公钥/中级证书
* @return X509Certificate
*/
public X509Certificate getPublicCert() {
return publicKeyCert;
}
/**
* 加载中级证书
*
* @param cert 证书文件
*/
public void initPublicCert(InputStream cert) {
if (null != cert) {
publicKeyCert = initCert(cert);
if (LOG.isInfoEnabled()) {
LOG.info("Load PublicKeyCert Successful");
}
} else if (LOG.isInfoEnabled()) {
LOG.info("PublicKeyCert is empty");
}
}
/**
* 加载根证书
*
* @param certPath 证书地址
*/
public void initRootCert(String certPath) {
if (!StringUtils.isEmpty(certPath)) {
try {
initRootCert(new FileInputStream(certPath));
} catch (FileNotFoundException e) {
LOG.info("RootCert is empty");
}
} else if (LOG.isInfoEnabled()) {
LOG.info("RootCert is empty");
}
}
/**
* 加载根证书
*
* @param cert 证书文件
*/
public void initRootCert(InputStream cert) {
if (null != cert) {
rootKeyCert = initCert(cert);
if (LOG.isInfoEnabled()) {
LOG.info("Load RootCert Successful");
}
} else if (LOG.isInfoEnabled()) {
LOG.info("RootCert is empty");
}
}
/**
* 获取公钥/中级证书
*
* @return X509Certificate
*/
public X509Certificate getPublicCert() {
return publicKeyCert;
}
/**
* 获取中级证书
*
* @return X509Certificate
*/
public X509Certificate getRootCert() {
return rootKeyCert;
}
/**
* 获取中级证书
* @return X509Certificate
*/
public X509Certificate getRootCert() {
return rootKeyCert;
}
}