loading a certificate from keystore

Question

Load a certificate and keys from keystore which is password protected and then use it for cert verification and digital signing

score 6 · Answer 1 · answered Aug 21 '11 at 20:27

To read the certificate is really trivial.

CertificateFactory factory = CertificateFactory.getInstance("X.509");  
X509Certificate certificate = (X509Certificate) factory.generateCertificate(new FileInputStream("file.pem"));

This is with standard APIs (in try/catch) etc and you have loaded your certificate.
Now the toString method of certificate is not suitable for you since it just captures the "user's" view of the certificate e.g. you would use it for println for instance
Can't you send the certificate object itself?
Not sure what your server expects so you can look into the various methods of certificate
X509Certificate

score 2 · Answer 2 · answered Aug 21 '11 at 19:19

I use this code

    PEMReader pr=new PEMReader(new StringReader(trust_certs));
    KeyStore trustStore  = KeyStore.getInstance(KeyStore.getDefaultType());
    trustStore.load(null, null);
    Object o;
    int i=0;
    while((o=pr.readObject())!=null){
        if(o instanceof X509Certificate){
            i++;
            X509Certificate c=(X509Certificate)o;
            trustStore.setCertificateEntry(Integer.toString(i), c);
        }
    }

http://www.bouncycastle.org/docs/docs1.6/org/bouncycastle/openssl/PEMReader.html

score 0 · Answer 3 · answered Aug 21 '11 at 18:45

0

A pem file is read as any other text file. Read the Java tutorial about IO (and concentrate on character streams, since a pem file contains text, and on File IO, since this is what you want to do)

answered Aug 21 '11 at 18:45

JB Nizet

678,734
91
1,224
1,255

loading a certificate from keystore

3 Answers3

Linked