List of usage examples for java.security KeyStore getCertificate
public final Certificate getCertificate(String alias) throws KeyStoreException
From source file:org.lockss.util.TestKeyStoreUtil.java
public void testStoreJks() throws Exception { File dir = getTempDir();/*from www. j a v a 2 s . co m*/ File file = new File(dir, "test.ks"); Properties p = initProps(); p.put(KeyStoreUtil.PROP_KEYSTORE_FILE, file.toString()); p.put(KeyStoreUtil.PROP_KEYSTORE_TYPE, "JKS"); p.put(KeyStoreUtil.PROP_KEYSTORE_PROVIDER, ""); assertFalse(file.exists()); KeyStore ks = KeyStoreUtil.createKeyStore(p); assertTrue(file.exists()); KeyStore ks2 = loadKeyStore(ks.getType(), file, PASSWD); List aliases = ListUtil.fromIterator(new EnumerationIterator(ks2.aliases())); assertIsomorphic(SetUtil.set("mykey", "mycert"), SetUtil.theSet(aliases)); assertNotNull(ks2.getCertificate("mycert")); assertNull(ks2.getCertificate("foocert")); assertEquals("JKS", ks2.getType()); }
From source file:com.vmware.identity.idm.server.ClientCertTestUtils.java
/** * @return selfsigned valid cert//from ww w. j av a 2 s . c o m * @throws KeyStoreException */ public X509Certificate[] getValidCert() throws KeyStoreException { KeyStore ks = loadKeyStore(clientStoreName, storePass); if (!ks.isCertificateEntry(validCertAlias)) { throw new KeyStoreException("Cert not in the store"); } X509Certificate leaf = (X509Certificate) ks.getCertificate(validCertAlias); X509Certificate[] certs = { leaf }; return certs; }
From source file:com.vmware.identity.idm.server.ClientCertTestUtils.java
public X509Certificate[] getDodValidCert1() throws KeyStoreException { KeyStore ks = loadKeyStore(clientStoreName, storePass); if (!ks.isCertificateEntry(validDodCertAlias1)) { throw new KeyStoreException("Cert not in the store"); }//from w w w . j a v a 2 s . co m X509Certificate leaf = (X509Certificate) ks.getCertificate(validDodCertAlias1); X509Certificate[] certs = { leaf }; return certs; }
From source file:mitm.BouncyCastleSslEngineSource.java
private void initializeSSLContext() throws GeneralSecurityException, IOException { KeyStore ks = loadKeyStore(); caCert = ks.getCertificate(authority.alias()); caPrivKey = (PrivateKey) ks.getKey(authority.alias(), authority.password()); TrustManager[] trustManagers = null; if (trustAllServers) { trustManagers = InsecureTrustManagerFactory.INSTANCE.getTrustManagers(); } else {//from w ww. j a v a 2 s.co m trustManagers = new TrustManager[] { new MergeTrustManager(ks) }; } KeyManager[] keyManagers = null; if (sendCerts) { keyManagers = CertificateHelper.getKeyManagers(ks, authority); } else { keyManagers = new KeyManager[0]; } sslContext = CertificateHelper.newClientContext(keyManagers, trustManagers); SSLEngine sslEngine = sslContext.createSSLEngine(); if (!tryHostNameVerificationJava7(sslEngine) && !tryHostNameVerificationJava6(sslEngine)) { LOG.warn( "Host Name Verification is not supported, causes insecure HTTPS connection to upstream servers."); } }
From source file:org.talend.components.common.oauth.X509Key.java
private X509Key(Builder b) { try (InputStream keyStoreIS = new FileInputStream(b.keyStorePath)) { KeyStore keystore = KeyStore.getInstance(storeTypeKJS); keystore.load(keyStoreIS, b.keyStorePassword.toCharArray()); this.privateKey = (PrivateKey) keystore.getKey(b.certificateAlias, b.keyStorePassword.toCharArray()); this.publicKey = (X509Certificate) keystore.getCertificate(b.certificateAlias); if (privateKey == null || publicKey == null) { throw new RuntimeException( messages.getMessage("msg.err.notFoundCert", b.certificateAlias, b.keyStorePath)); }/*from www . ja va2 s . c o m*/ } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException | UnrecoverableKeyException e) { throw new RuntimeException(e); } }
From source file:net.solarnetwork.node.setup.test.DefaultKeystoreServiceTest.java
@Test public void generatePKCS12Keystore() throws Exception { saveCASignedCert();/*from www . j a v a2 s . co m*/ reset(setupIdentityDao); SetupIdentityInfo info = new SetupIdentityInfo(1L, TEST_CONF_VALUE, "localhost", 80, false, TEST_PW_VALUE); expect(setupIdentityDao.getSetupIdentityInfo()).andReturn(info).atLeastOnce(); replay(setupIdentityDao); String keystoreData = service.generatePKCS12KeystoreString("foobar"); assertNotNull(keystoreData); byte[] data = Base64.decodeBase64(keystoreData); KeyStore keyStore = KeyStore.getInstance("pkcs12"); keyStore.load(new ByteArrayInputStream(data), "foobar".toCharArray()); Certificate cert = keyStore.getCertificate("node"); assertNotNull(cert); assertTrue(cert instanceof X509Certificate); X509Certificate nodeCert = (X509Certificate) cert; assertEquals(new X500Principal(TEST_DN), nodeCert.getSubjectX500Principal()); assertEquals(CA_CERT.getSubjectX500Principal(), nodeCert.getIssuerX500Principal()); }
From source file:org.ejbca.ui.cmpclient.CmpClientMessageHelper.java
private Certificate getCertFromKeystore(final KeyStore keystore, final String alias) throws KeyStoreException { Certificate cert = keystore.getCertificate(alias); if (cert == null) { log.error("getAdminDataFromKeystore: Cannot obtain admin certificate from the keystore."); System.exit(2);/* w ww.j a v a 2s . c om*/ } return cert; }
From source file:org.wso2.carbon.mss.security.JWTSecurityInterceptor.java
private PublicKey getPublicKey(String keyStorePath, String keyStorePassword, String alias) throws IOException, KeyStoreException, CertificateException, NoSuchAlgorithmException, UnrecoverableKeyException { try (InputStream inputStream = getClass().getClassLoader().getResourceAsStream(keyStorePath)) { KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType()); keystore.load(inputStream, keyStorePassword.toCharArray()); Key key = keystore.getKey(alias, keyStorePassword.toCharArray()); if (key instanceof PrivateKey) { // Get certificate of public key java.security.cert.Certificate cert = keystore.getCertificate(alias); // Get public key return cert.getPublicKey(); }//from ww w . j a va 2 s . c o m } return null; }
From source file:org.lockss.util.TestKeyStoreUtil.java
void assertPubKs(File file, String pass, List<String> hosts) throws Exception { KeyStore ks = loadKeyStore("jceks", file, pass); List aliases = ListUtil.fromIterator(new EnumerationIterator(ks.aliases())); assertEquals(hosts.size(), aliases.size()); for (String host : hosts) { String alias = host + ".crt"; Certificate cert = ks.getCertificate(alias); assertNotNull(cert);// w w w .ja va 2s. c om assertEquals("X.509", cert.getType()); } }
From source file:eu.europa.esig.dss.x509.KeyStoreCertificateSource.java
public List<CertificateToken> populate() { List<CertificateToken> list = new ArrayList<CertificateToken>(); try {/*from w w w .j av a2 s . c o m*/ KeyStore keyStore = getKeyStore(); Enumeration<String> aliases = keyStore.aliases(); while (aliases.hasMoreElements()) { String alias = aliases.nextElement(); final Certificate certificate = keyStore.getCertificate(alias); if (certificate != null) { X509Certificate x509Certificate = (X509Certificate) certificate; logger.debug("Alias " + alias + " Cert " + x509Certificate.getSubjectDN()); CertificateToken certToken = certPool.getInstance(new CertificateToken(x509Certificate), CertificateSourceType.OTHER); list.add(certToken); } Certificate[] certificateChain = keyStore.getCertificateChain(alias); if (certificateChain != null) { for (Certificate chainCert : certificateChain) { logger.debug("Alias " + alias + " Cert " + ((X509Certificate) chainCert).getSubjectDN()); CertificateToken certToken = certPool.getInstance( new CertificateToken((X509Certificate) chainCert), CertificateSourceType.OCSP_RESPONSE); if (!list.contains(certToken)) { list.add(certToken); } } } } } catch (Exception e) { throw new DSSEncodingException(MSG.CERTIFICATE_CANNOT_BE_READ, e); } return list; }