Accessing SSL Private Key From a Servlet

Question

I\'m running Apache Tomcat locally and have installed a self signed certificate using OpenSSL. I also have a servlet running.

What I want to do is the following: The se

Answer 1

If I were writing a weberver I'd go to great lengths to prevent code from reading from the certificate store - I certainly wouldn't provide an API call for it!

Usually the cert is stored as a file on the webserver's filesystem (not always) but for a site with any serious security on it, this would be encrypted and require a passphrase to decrypt. Since you are using a self-signed certificate its probably not encrypted - just import the cert from the file into the keystore.