Use PEM Encoded CA Cert on filesystem directly for HTTPS request?

后端未结

关注

 1  1557

This is similar to Import PEM into Java Key Store. But the question\'s answers use OpenSSL for conversions and tools to import them into key stores on the file system.

相关标签:

1条回答

-上瘾入骨i

2020-12-06 16:26

I found the answer while trying to do this another way at Set certificate for KeyStore.TrustedCertificateEntry?. Its based on Vit Hnilica's answer at loading a certificate from keystore. I"m going to leave the question with this answer since most Stack Overflow answers start with "convert with openssl, then use keytool ...".

String CA_FILE = ...;

FileInputStream fis = new FileInputStream(CA_FILE);
X509Certificate ca = (X509Certificate) CertificateFactory.getInstance(
        "X.509").generateCertificate(new BufferedInputStream(fis));

KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
ks.load(null, null);
ks.setCertificateEntry(Integer.toString(1), ca);

TrustManagerFactory tmf = TrustManagerFactory
        .getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(ks);
...

0 讨论(0)