stackoom
  简体   繁体   中英

java using private key with Certificates and Keystore?

 原文  2011-01-11 13:21:21       java/ certificate/ keystore/ pki

Question

I have a Certificate that has been added to a keystore using a KeyTool. I have also been provided private keys for use in Production / Test environment. I understand that the certificate is using a public key. Where do i place the keystore and the private keys to be able to be read by the command line programme. The following key reads the keystore. 

System.setProperty("javax.net.ssl.keyStore", "xxx.ks");
System.setProperty("javax.net.ssl.keyStorePassword", "xxx_4ps!");
System.setProperty("javax.net.ssl.trustStore", "xxx.ks");
System.setProperty("javax.net.ssl.trustStorePassword", "xxx!");.

Where do i have to place the private keys to be read by the programme. I am new to public/private key encryption so any help would be appreciated.

Kind Regards, Mateen

2 answers

solution1
 2 ACCPTED  2011-01-12 02:56:50

The private key and its corresponding certificate go in the javax.net.ssl.keyStore.

Certificates that you want to trust go in the javax.net.ssl.trustStore. Often you don't have one of your own, just use the default supplied with the JDK, in which case you don't specify this property at all.

solution2
 1  2011-01-11 14:35:53

These properties are pointing to certificates and just indirectly to keys. So, first you have to get certificates and put them into keystores.

"javax.net.ssl.keyStore" is used for keystore with certificate which is used to identify your system. By default, without any additional code, you can use just one identity certificate per keystore. To create a certificate, you have two options - one is to create self-signed certificate, another one is to create CSR and send it to certificate authority to sign.

See http://download.oracle.com/javase/1.3/docs/tooldocs/win32/keytool.html#selfcertCmd and http://download.oracle.com/javase/1.3/docs/tooldocs/win32/keytool.html#certreqCmd commands.

Once certificate is created, there will be private and public keys associated to it.

"javax.net.ssl.trustStore" points to the keystore with certificates which you trust. It means that your system will accept SSL connections only with certificates from this keystore or signed by the certificates from this keystore. These certificated can be added into the keystore using following command: http://download.oracle.com/javase/1.3/docs/tooldocs/win32/keytool.html#importCmd

You can put your keystores anywhere you like. Just ensure that java process has an access to them.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question how to load private key in windows store using Java KeyStore Get private key from MacOS X keystore using Java Import elliptic curve Certificate and Private Key into Java Keystore using java.security.KeyStore How to access certificates and private key from etoken using java Load certificate and private key into Java KeyStore How to use keystore in Java to store private key? Accessing keystore certificates in Java ECDH using Android KeyStore generated private key private key, public key and certificates relationship and best way to access specific certificate from keystore Importing private key to keystore
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM