1

I need to import a trusted certificate into an already existing keystore, here is my code but its throwing me an EOFException, what could be wrong?

public void importTrustedCertificate( String alias, byte [] trustedCertificate )
        throws Exception
    {
        KeyStore keyStore = KeyStore.getInstance( "JKS" );
        FileInputStream fileInputStream = new FileInputStream( "keystore" + File.separator + "ClientRegistrarKeyStore.jks" );
        FileOutputStream fileOutputStream = new FileOutputStream( "keystore" + File.separator + "ClientRegistrarKeyStore.jks" );

        keyStore.load( fileInputStream, "keystore".toCharArray() );
        keyStore.setCertificateEntry( alias, new X509Certificate( trustedCertificate ) );

        keyStore.store( fileOutputStream, "keystore".toCharArray() );
        fileInputStream.close();
        fileOutputStream.close();

        return;
    }

The Error:

Exception in thread "main" java.io.EOFException
    at java.io.DataInputStream.readInt(DataInputStream.java:375)
    at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:628)
    at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:38)
    at java.security.KeyStore.load(KeyStore.java:1185)
    at com.netrust.passportverification.clientregistrar.setup.IniFileGenerator.importTrustedCertificate(IniFileGenerator.java:107)
    at com.netrust.passportverification.clientregistrar.setup.IniFileGenerator.processZipFile(IniFileGenerator.java:165)
    at com.netrust.passportverification.clientregistrar.setup.IniFileGenerator.main(IniFileGenerator.java:180)

Java Result: 1
Behnam Safari
  • 2,941
  • 6
  • 27
  • 42
shawn
  • 4,063
  • 7
  • 37
  • 54
  • 1
    Cannot instantiate the type X509Certificates on line # 7 – Salman Jul 17 '12 at 09:20
  • can you upload the complete code of creating a keystore and then importing a certificate into it? i have pfx certificate, can i import that certificate init? i am using android 2.3.3 – Salman Jul 17 '12 at 09:39
  • See http://stackoverflow.com/questions/32851341/load-ca-root-certificate-at-runtime-in-java – Caio Henrique Oct 27 '16 at 16:29

2 Answers2

4

Are you sure the file at this location is not empty? Can keytool list its contents? This EOFException doesn't look specific to keystores, but it seems that the initial file you're trying to load from is shorter than it should be.

In addition, your FileInputStream and FileOutputStream refer to the same file. I'd suggest closing the one your read from before writing to the other one, to avoid conflicts:

FileInputStream fileInputStream = new FileInputStream( "keystore" + File.separator + "ClientRegistrarKeyStore.jks" );
keyStore.load( fileInputStream, "keystore".toCharArray() );
fileInputStream.close();
keyStore.setCertificateEntry( alias, new X509Certificate( trustedCertificate ) );

FileOutputStream fileOutputStream = new FileOutputStream( "keystore" + File.separator + "ClientRegistrarKeyStore.jks" );
keyStore.store( fileOutputStream, "keystore".toCharArray() );
fileOutputStream.close();
Bruno
  • 119,590
  • 31
  • 270
  • 376
  • seems like closing one before opening the other stream works, thanks, how did you know they would conflict? – shawn Dec 08 '11 at 02:50
  • 1
    Cannot instantiate the type X509Certificate on following line `keyStore.setCertificateEntry( alias, new X509Certificate( trustedCertificate ) );` – Salman Jul 17 '12 at 09:21
  • can you help me in creating a keystore and then importing a certificate into it? i have pfx certificate, can i import that certificate init? i am using android 2.3.3. Thanks in advance – Salman Jul 17 '12 at 09:39
0

Try this one...

Certificate certificate = keyStore.getCertificate(alias);

keyStore.setCertificateEntry(alias, certificate);

Manoj Behera
  • 2,736
  • 22
  • 13