java - Fetching third party certificate from the keystore -



java - Fetching third party certificate from the keystore -

i have 3rd party certificate have stored in keystore next command:

keytool -import -trustcacerts -alias clientkey -file godady.crt -keystore keystoregodaddyclient.jks -keypass testme

now want store same in keymanager, code follows:

keymanagerfactory keymanagerfactory = keymanagerfactory .getinstance("sunx509", "sunjsse"); keymanagerfactory.init( keystore, "test".tochararray()); x509keymanager x509keymanager = null; (keymanager keymanager : keymanagerfactory.getkeymanagers()) { if (keymanager instanceof x509keymanager) { x509keymanager = (x509keymanager) keymanager; break; } } x509certificate[] clientcert = x509keymanager .getcertificatechain("test"); sslcontext sslcontext = sslcontext.getinstance("tls"); sslcontext.init(new keymanager[] { x509keymanager }, new trustmanager[] { x509trustmanager }, null); sslsocketfactory sslsocketfactory = sslcontext.getsocketfactory(); connection.setsslsocketfactory(sslsocketfactory);

but not able fetch certificate.see no certificate fetched, same works when create own self signed certificate.

you're using wrong method. certificate chain associated private key. don't have private key. 3rd party has private key. should using getcertificate().

a keystore has 2 distinct uses:

as 'keystore', holding key pairs , certificate chains them. relevant apis utilize getkey(), setkeyentry() , getcertificatechain().

as 'truststore', holding trusted third-party (ca) certificates. relevant apis utilize getcertificate() , setcertificateentry().

java security godaddy keytool

Comments

Popular posts from this blog

php - Android app custom user registration and login with cookie using facebook sdk -

c# - Create a Notification Object (Email or Page) At Run Time -- Dependency Injection or Factory -

Set Up Of Common Name Of SSL Certificate To Protect Plesk Panel -