Apache HttpClient and PEM certificate files

前端未结

关注

 2  858

-上瘾入骨i 2021-02-06 08:30

I\'d like to programmatically access a site that requires Client certificates, which I have in PEM files. In this application I don\'t want to add them to my keystore, use keyt

2条回答

太阳男子 (楼主)

2021-02-06 09:16

You can create a KeyStore from .pem files like so:

private KeyStore getTrustStore(final InputStream pathToPemFile) throws IOException, KeyStoreException,
        NoSuchAlgorithmException, CertificateException {
    final KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
    ks.load(null);

    // load all certs
    for (Certificate cert : CertificateFactory.getInstance("X509")
            .generateCertificates(pathToPemFile)) {
        final X509Certificate crt = (X509Certificate) cert;

        try {
            final String alias = crt.getSubjectX500Principal().getName();
            ks.setCertificateEntry(alias, crt);
            LOG.info("Added alias " + alias + " to TrustStore");
        } catch (KeyStoreException exp) {
            LOG.error(exp.getMessage());
        }
    }

    return ks;
}

0 讨论(0)

查看其它2个回答