Java Tutorial/Security/Keystore
Contents
- 1 Adding a Certificate to a Key Store
- 2 Create a keystore with a self-signed certificate, using the keytool command
- 3 Listing the Aliases in a Key Store: A key store is a collection of keys and certificates.
- 4 Listing the Aliases in a Key Store using keytool:
- 5 Retrieving a Certificate from a Key Store
- 6 Retrieving a Key Pair from a Key Store
- 7 Specify the keystore of certificates using the javax.net.ssl.keyStore system property:
Adding a Certificate to a Key Store
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;

public class Main {
    public static void main(String[] argv) throws Exception {
        File keystoreFile = new File("your.keystore");
        // The same store password must be used for load() and store()
        char[] password = "my-keystore-password".toCharArray();
        String alias = "myalias";
        KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
        // Load the keystore contents
        try (FileInputStream in = new FileInputStream(keystoreFile)) {
            keystore.load(in, password);
        }
        // Certificate to add (read here from an entry already in the store)
        Certificate cert = keystore.getCertificate(alias);
        // Add the certificate as a trusted certificate entry.
        // Throws KeyStoreException if the alias already names a key entry.
        keystore.setCertificateEntry(alias, cert);
        // Save the new keystore contents
        try (FileOutputStream out = new FileOutputStream(keystoreFile)) {
            keystore.store(out, password);
        }
    }
}
Create a keystore with a self-signed certificate, using the keytool command
keytool -genkey -alias mycert -keyalg RSA -keystore mySrvKeystore -storepass 123456 -keypass 123456
Listing the Aliases in a Key Store: A key store is a collection of keys and certificates.
import java.io.FileInputStream;
import java.security.KeyStore;
import java.util.Collections;

public class Main {
    public static void main(String[] argv) throws Exception {
        KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
        String password = "my-keystore-password";
        // Load the keystore; the stream is closed even if load() throws
        try (FileInputStream is = new FileInputStream("yourfile.keystore")) {
            keystore.load(is, password.toCharArray());
        }
        // Walk every alias and report which kind of entry it names
        for (String alias : Collections.list(keystore.aliases())) {
            boolean isKey = keystore.isKeyEntry(alias);           // private or secret key
            boolean isCert = keystore.isCertificateEntry(alias);  // trusted certificate
            System.out.println(alias + ": keyEntry=" + isKey + ", certificateEntry=" + isCert);
        }
    }
}
Listing the Aliases in a Key Store using keytool:
keytool -list -storepass my-keystore-password
Retrieving a Certificate from a Key Store
import java.io.FileInputStream;
import java.security.KeyStore;

public class Main {
    public static void main(String[] argv) throws Exception {
        KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
        try (FileInputStream is = new FileInputStream("your.keystore")) {
            keystore.load(is, "my-keystore-password".toCharArray());
        }
        // Get certificate (null if the alias does not exist or holds no certificate)
        java.security.cert.Certificate cert = keystore.getCertificate("myalias");
        System.out.println(cert);
    }
}
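The listing and certificate-retrieval snippets above, combined into a small keystore audit. This is an added example, not code from the original page; the class name `KeystoreAudit`, the 2048-bit RSA minimum and the 30-day expiry warning are assumptions chosen for illustration.

```java
import java.io.Console;
import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPublicKey;
import java.util.Arrays;
import java.util.Collections;
import java.util.Date;
import java.util.concurrent.TimeUnit;

public class KeystoreAudit {
    // Thresholds are assumptions for this example, not values from the page.
    static final int MIN_RSA_BITS = 2048;
    static final long WARN_DAYS = 30;
    public static void main(String[] args) throws Exception {
        Console console = System.console();
        if (args.length != 1 || console == null) {
            System.err.println("usage (interactive terminal): java KeystoreAudit <keystore-file>");
            System.exit(2);
        }
        // Prompt for the store password so it never appears in the process list.
        char[] password = console.readPassword("Keystore password: ");
        if (password == null) System.exit(2);
        KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
        try (FileInputStream in = new FileInputStream(args[0])) {
            keystore.load(in, password);
        } finally {
            Arrays.fill(password, '\0'); // wipe the password once the store is loaded
        }
        Date now = new Date();
        for (String alias : Collections.list(keystore.aliases())) {
            String type = keystore.isKeyEntry(alias) ? "key" : "trusted-cert";
            Certificate cert = keystore.getCertificate(alias);
            if (!(cert instanceof X509Certificate)) { // e.g. a secret-key entry
                System.out.printf("%-20s %-12s (no X.509 certificate)%n", alias, type);
                continue;
            }
            X509Certificate x509 = (X509Certificate) cert;
            long daysLeft = TimeUnit.MILLISECONDS.toDays(x509.getNotAfter().getTime() - now.getTime());
            String flags = x509.getNotAfter().before(now) ? " EXPIRED"
                    : (daysLeft < WARN_DAYS ? " EXPIRES-SOON" : "");
            if (x509.getPublicKey() instanceof RSAPublicKey
                    && ((RSAPublicKey) x509.getPublicKey()).getModulus().bitLength() < MIN_RSA_BITS) {
                flags += " WEAK-RSA";
            }
            System.out.printf("%-20s %-12s %s notAfter=%s%s%n", alias, type,
                    x509.getSubjectX500Principal().getName(), x509.getNotAfter(), flags);
        }
    }
}
```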
Retrieving a Key Pair from a Key Store
import java.io.FileInputStream;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.Certificate;

public class Main {
    public static void main(String[] argv) throws Exception {
        KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
        try (FileInputStream is = new FileInputStream("your.keystore")) {
            keystore.load(is, "my-keystore-password".toCharArray());
        }
        String alias = "myalias";
        // The second argument is the password protecting this key entry
        Key key = keystore.getKey(alias, "password".toCharArray());
        if (key instanceof PrivateKey) {
            // Get certificate of public key
            Certificate cert = keystore.getCertificate(alias);
            // Get public key
            PublicKey publicKey = cert.getPublicKey();
            // Build the key pair from the certificate's public key and the private key
            KeyPair keyPair = new KeyPair(publicKey, (PrivateKey) key);
            System.out.println("Key pair algorithm: " + keyPair.getPublic().getAlgorithm());
        }
    }
}
Specify the keystore of certificates using the javax.net.ssl.keyStore system property:
java -Djavax.net.ssl.keyStore=mySrvKeystore -Djavax.net.ssl.keyStorePassword=123456 MyServer