2

I found out that Java has it's own "certificate Store" which is located in a file in the security-folder inside the lib-folder.

You could access this from the Java Control Panel -> Security -> Manage Certificates.

But I want to access them via Java-Code. Does someone have some information about this? How the certificates are stored inside the certificate-File? Is there a Java built-in way for this or official documentation from Java / Oracle?

Thanks!

Raúl
  • 1,542
  • 4
  • 24
  • 37
Opa114
  • 518
  • 4
  • 12
  • 28

2 Answers2

2

Look at the java keystore, it may helps you:

http://docs.oracle.com/cd/E19830-01/819-4712/ablqw/index.html

https://www.digitalocean.com/community/tutorials/java-keytool-essentials-working-with-java-keystores

http://docs.oracle.com/javase/7/docs/api/java/security/KeyStore.html

Exemples of importing certificates in java:

Programmatically Import CA trust cert into existing keystore file without using keytool

programmatically import .cer certificate into keystore

Community
  • 1
  • 1
Steph
  • 779
  • 1
  • 8
  • 18
2

We had to use certs through the code to make API calls to certain applications. We could not install the certs on the code container for some reasons. The API service provider gave us the .cer file.Apache HTTP client was used for this purpose

Start with first creating a file based keystore and loaded this .cer file onto it

keytool -import -alias joe -file <path>/file.cer -keystore <keystoreName> -storepass <password>

Then add the generated keystore file as a resource into the application and build your custom HTTPClient to use this keystore 

 import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
 import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
 import org.apache.http.ssl.SSLContexts;
 import javax.net.ssl.SSLContext;
 import java.io.File;
 import org.apache.http.impl.client.CloseableHttpClient;
 import org.apache.http.impl.client.HttpClients;

            File file = new File(getClass().getClassLoader().getResource(<pathTokeystoreFile>).getFile());
                    SSLContext sslcontext = SSLContexts.custom()

                            .loadTrustMaterial(file, CERT_PASSWORD.toCharArray(),
                                    new TrustSelfSignedStrategy())
                            .build();
                    SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(
                            sslcontext,
                            new String[]{"TLSv1", "SSLv3", "TLSv1.1", "TLSv1.2"},
                            null,
                            SSLConnectionSocketFactory.getDefaultHostnameVerifier());


             CloseableHttpClient customClient; 
            customClient = HttpClients.custom()
                            .setSSLSocketFactory(sslConnectionSocketFactory)
                            .build();
                }
sharpcodes
  • 143
  • 1
  • 11