I would like to create a JAVA program that import the .cer CA into the existing keystore file. So that end-user can insert the CA cert more convenience(without using CMD and key in the command).
Is that anywhere that JAVA code can do this?
i try some way, but still fail in getting the cert into java
CertificateFactory cf = CertificateFactory.getInstance("X.509"); InputStream certstream = fullStream (certfile); Certificate certs = cf.generateCertificates(certstream);
the error is incompatible types, is there any other suggestion?
Thanks Lot
You can't import a CSR into a keystore as far as I know, and the operation makes no sense even if you could. What really happened is that you received a PFX file, which is already a keystore, and already contains keypair, signed certificate, and CA chain.
The following code inserts the CA cert file yourcert.cer
into your keystore without using keytool
:
import java.io.File; import java.io.FileInputStream; import java.io.FileOutputStream; import java.security.Key; import java.security.KeyStore; import java.security.cert.Certificate; import java.io.IOException; import java.io.InputStream; import java.io.DataInputStream; import java.io.ByteArrayInputStream; import java.security.spec.*; import java.security.cert.Certificate; import java.security.cert.CertificateFactory; import java.util.Collection; public class ImportCA { public static void main(String[] argv) throws Exception { String certfile = "yourcert.cer"; /*your cert path*/ FileInputStream is = new FileInputStream("yourKeyStore.keystore"); KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType()); keystore.load(is, "yourKeyStorePass".toCharArray()); String alias = "youralias"; char[] password = "yourKeyStorePass".toCharArray(); ////// CertificateFactory cf = CertificateFactory.getInstance("X.509"); InputStream certstream = fullStream (certfile); Certificate certs = cf.generateCertificate(certstream); /// File keystoreFile = new File("yourKeyStorePass.keystore"); // Load the keystore contents FileInputStream in = new FileInputStream(keystoreFile); keystore.load(in, password); in.close(); // Add the certificate keystore.setCertificateEntry(alias, certs); // Save the new keystore contents FileOutputStream out = new FileOutputStream(keystoreFile); keystore.store(out, password); out.close(); } private static InputStream fullStream ( String fname ) throws IOException { FileInputStream fis = new FileInputStream(fname); DataInputStream dis = new DataInputStream(fis); byte[] bytes = new byte[dis.available()]; dis.readFully(bytes); ByteArrayInputStream bais = new ByteArrayInputStream(bytes); return bais; } }
Download certs from links and store into specific path.. then load that file into trustStore during runtime using below code.. i hope this exaple will help you..
KeyStore keyStore = KeyStore.getInstance("JKS"); String fileName = "D:\\certs_path\\cacerts"; // cerrtification file path System.setProperty("javax.net.ssl.trustStore", fileName);
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With