Import of SSL certificate

Thread view:

Brian - 11 May 2005 14:53 GMT

Hello,

Is the KeyStore()-class the dynamic version of "keytool"? I have a file name
"something.crt" that contains a certificate - is it possiable to load this
certificate from the file and into a keystore at runtime?

Brian

Reply to this Message

acalcium@aol.com - 10 Jun 2005 05:42 GMT

I suppose u could do something like this....

System.setProperty( "javax.net.ssl.trustStore", trustStore
);
System.setProperty( "javax.net.ssl.keyStore", keyStore );
System.setProperty( "javax.net.ssl.keyStorePassword",
keyStorePassword );
System.setProperty( "javax.net.ssl.trustStorePassword",
trustStorePassword );

Reply to this Message

Brian - 10 Jun 2005 13:24 GMT

Maybe I havent expressed the problem properly - I would try i be more
precise:

I have a file named cvrtemp.crt, and from this file i have imported af
certificate using keytool. This operation created a new filed called
cvrkeystore.kst. I use this kst-file in my application with the following
kode:
/*
System.setProperty("javax.net.ssl.trustStore","C:\\CVRKeyStore.kst");
SSLContext sslContext = SSLContext.getInstance("SSLv3");
sslContext.init(new Keymanager[] { new Keymanager() }, new
X509TrustManager[] { new MyTrustManager() }, null);
SSLSocketFactory sslSocketFactory =
sslContext.getSocketFactory();
HttpsURLConnection.setDefaultSSLSocketFactory(sslSocketFactory);
HttpsURLConnection.setDefaultHostnameVerifier(new
MyHostnameVerifier());
*/

The problem is the the application should be deployed at many client - and i
want to use the file cvrtemp.crt directly from my application. Is that
possiable without creating the keystore with keytool - and how is it done?

My english isent that good - so if you can understand the question, please
do not hesitate to notify me.

Kind Regard
Brian

Reply to this Message

acalcium@aol.com - 16 Jun 2005 00:05 GMT

Would this do what you want?

http://javaalmanac.com/egs/java.security.cert/ImportCert.html

and then u store it into your keystore.... (via the Keystore class...)
I think there is an example of this on the website above too...
U'll have to hunt a bit....

Reply to this Message

Brian - 20 Jun 2005 11:53 GMT

Hey,

I have the following code:
System.setProperty("javax.net.ssl.trustStore","c:\keyStore.kst");
SSLContext sslContext = SSLContext.getInstance("SSLv3");
sslContext.init(new Keymanager[] { new Keymanager() }, new
X509TrustManager[] { new MyTrustManager() }, null);
SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();
HttpsURLConnection.setDefaultSSLSocketFactory(sslSocketFactory);
HttpsURLConnection.setDefaultHostnameVerifier(new MyHostnameVerifier());

What i would like is to avoid hardcoding the string ","c:\keyStore.kst", and
avoid creating this file with the keytool-program. Instead i would like to
import the file "something.crt" directly into the program. So the
"c:\keyStore.kst" is replaced with som kind of object. Is this possiable?

Brian

Reply to this Message

Chris Head - 20 Jun 2005 16:54 GMT

> Hey,
>
[quoted text clipped - 13 lines]
>
> Brian

Hi,
How about you use java.security.cert.CertificateFactory to load your
certificate file and get a java.security.cert.Certificate (which will be
an instance of java.security.cert.X509Certificate). You can then create
a new java.security.KeyStore, import your certificate into it, and then
use it as a parameter to javax.net.ssl.TrustManagerFactory.init(). Use
javax.net.ssl.TrustManagerFactory.getTrustManagers() to retrieve the
TrustManager objects to pass into javax.net.ssl.SSLContext.init(). You
don't need to write the KeyStore to a file this way. You can then use
javax.net.ssl.SSLContext.getSocketFactory() or
javax.net.ssl.SSLContext.getServerSocketFactory() to get the appropriate
Factory to create Sockets.

Chris

Reply to this Message

Import of SSL certificate

Free Magazines