stackoom
  简体   繁体   中英

How do I import a trusted certificate into an existing keystore programmatically?

 原文  2011-12-07 12:24:10       java/ ssl/ import/ certificate/ keystore

Question

I need to import a trusted certificate into an already existing keystore, here is my code but its throwing me an EOFException, what could be wrong? 

public void importTrustedCertificate( String alias, byte [] trustedCertificate )
        throws Exception
    {
        KeyStore keyStore = KeyStore.getInstance( "JKS" );
        FileInputStream fileInputStream = new FileInputStream( "keystore" + File.separator + "ClientRegistrarKeyStore.jks" );
        FileOutputStream fileOutputStream = new FileOutputStream( "keystore" + File.separator + "ClientRegistrarKeyStore.jks" );

        keyStore.load( fileInputStream, "keystore".toCharArray() );
        keyStore.setCertificateEntry( alias, new X509Certificate( trustedCertificate ) );

        keyStore.store( fileOutputStream, "keystore".toCharArray() );
        fileInputStream.close();
        fileOutputStream.close();

        return;
    }

The Error: 

Exception in thread "main" java.io.EOFException
    at java.io.DataInputStream.readInt(DataInputStream.java:375)
    at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:628)
    at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:38)
    at java.security.KeyStore.load(KeyStore.java:1185)
    at com.netrust.passportverification.clientregistrar.setup.IniFileGenerator.importTrustedCertificate(IniFileGenerator.java:107)
    at com.netrust.passportverification.clientregistrar.setup.IniFileGenerator.processZipFile(IniFileGenerator.java:165)
    at com.netrust.passportverification.clientregistrar.setup.IniFileGenerator.main(IniFileGenerator.java:180)

Java Result: 1

2 answers

solution1
 4 ACCPTED  2011-12-07 13:06:45

Are you sure the file at this location is not empty? Can keytool list its contents? This EOFException doesn't look specific to keystores, but it seems that the initial file you're trying to load from is shorter than it should be.

In addition, your FileInputStream and FileOutputStream refer to the same file. I'd suggest closing the one your read from before writing to the other one, to avoid conflicts: 

FileInputStream fileInputStream = new FileInputStream( "keystore" + File.separator + "ClientRegistrarKeyStore.jks" );
keyStore.load( fileInputStream, "keystore".toCharArray() );
fileInputStream.close();
keyStore.setCertificateEntry( alias, new X509Certificate( trustedCertificate ) );

FileOutputStream fileOutputStream = new FileOutputStream( "keystore" + File.separator + "ClientRegistrarKeyStore.jks" );
keyStore.store( fileOutputStream, "keystore".toCharArray() );
fileOutputStream.close();

solution2
 0  2015-03-11 06:32:22

Try this one...

Certificate certificate = keyStore.getCertificate(alias);

keyStore.setCertificateEntry(alias, certificate);

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How do I import a PKCS12 certificate into a java keystore? programmatically import .cer certificate into keystore How do I import my VPS SSL certificate into my jetty keystore using keytools? How do I programmatically create a new KeyStore? How do I programmatically import a public key .cer file into a java keystore using JSSE? How do I import an existing Java keystore (.jks) file into a Java installation? how do I check if the X509Certificate issuer is trusted? Android - How to store certificate in keystore programmatically? How to import an existing X.509 certificate and private key in Java keystore to use in SSL? How do I create truststore and keystore from the signed certificate?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM