/** Returns a trust manager that trusts {@code trustedCertificates}. */ public static X509TrustManager newTrustManager(String keyStoreType, List<X509Certificate> trustedCertificates) throws GeneralSecurityException { KeyStore trustStore = newEmptyKeyStore(keyStoreType); for (int i = 0; i < trustedCertificates.size(); i++) { trustStore.setCertificateEntry("cert_" + i, trustedCertificates.get(i)); } TrustManagerFactory factory = TrustManagerFactory.getInstance( TrustManagerFactory.getDefaultAlgorithm()); factory.init(trustStore); TrustManager[] result = factory.getTrustManagers(); if (result.length != 1 || !(result[0] instanceof X509TrustManager)) { throw new IllegalStateException("Unexpected trust managers:" + Arrays.toString(result)); } return (X509TrustManager) result[0]; }
static TrustManagerFactory buildTrustManagerFactory( X509Certificate[] certCollection, TrustManagerFactory trustManagerFactory) throws NoSuchAlgorithmException, CertificateException, KeyStoreException, IOException { final KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType()); ks.load(null, null); int i = 1; for (X509Certificate cert: certCollection) { String alias = Integer.toString(i); ks.setCertificateEntry(alias, cert); i++; } // Set up trust manager factory to use our key store. if (trustManagerFactory == null) { trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); } trustManagerFactory.init(ks); return trustManagerFactory; }
public static KeyStore loadTrustStore(File certificateChainFile) throws IOException, GeneralSecurityException { KeyStore keyStore = KeyStore.getInstance("JKS"); keyStore.load(null, null); List<X509Certificate> certificateChain = readCertificateChain(certificateChainFile); for (X509Certificate certificate : certificateChain) { X500Principal principal = certificate.getSubjectX500Principal(); keyStore.setCertificateEntry(principal.getName("RFC2253"), certificate); } return keyStore; }
KeyStore ks = KeyStore.getInstance( KeyStore.getDefaultType() ); ks.load( in, passphrase ); in.close(); CertificateFactory cf = CertificateFactory.getInstance( "X.509" ); Certificate cert = cf.generateCertificate( getCertificateStream() ); ks.setCertificateEntry( hostname, cert ); LOG.debug( "Added certificate to keystore 'jssecacerts' using alias '" + hostname + "'" );
import java.io.BufferedInputStream; import java.io.IOException; import java.io.InputStream; //VERY IMPORTANT. SOME OF THESE EXIST IN MORE THAN ONE PACKAGE! import java.security.GeneralSecurityException; import java.security.KeyStore; import java.security.cert.Certificate; import java.security.cert.CertificateFactory; //Put everything after here in your function. KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); trustStore.load(null);//Make an empty store InputStream fis = /* insert your file path here */; BufferedInputStream bis = new BufferedInputStream(fis); CertificateFactory cf = CertificateFactory.getInstance("X.509"); while (bis.available() > 0) { Certificate cert = cf.generateCertificate(bis); trustStore.setCertificateEntry("fiddler"+bis.available(), cert); }
private static KeyStore loadCA(Stream<Buffer> certValues) throws Exception { final KeyStore keyStore = createEmptyKeyStore(); keyStore.load(null, null); int count = 0; Iterable<Buffer> iterable = certValues::iterator; for (Buffer certValue : iterable) { for (Certificate cert : loadCerts(certValue)) { keyStore.setCertificateEntry(DUMMY_CERT_ALIAS + count++, cert); } } return keyStore; }
public void storeCACertificate(File storeFile, String password, Certificate caCertificate, Registration entry) throws Exception { lazyLoadedStore = KeyStore.getInstance(KEYSTORE_TYPE); loadStore(lazyLoadedStore); lazyLoadedStore.setCertificateEntry("ca-cert", caCertificate); lazyLoadedStore.setEntry("ca-intermediate", entry.asKeyStoreEntry(), new KeyStore.PasswordProtection(password.toCharArray())); writeStore(storeFile, password); }
InputStream is = new FileInputStream("cacert.crt"); // You could get a resource as a stream instead. CertificateFactory cf = CertificateFactory.getInstance("X.509"); X509Certificate caCert = (X509Certificate)cf.generateCertificate(is); TrustManagerFactory tmf = TrustManagerFactory .getInstance(TrustManagerFactory.getDefaultAlgorithm()); KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType()); ks.load(null); // You don't need the KeyStore instance to come from a file. ks.setCertificateEntry("caCert", caCert); tmf.init(ks); SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(null, tmf.getTrustManagers(), null);
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); Path ksPath = Paths.get(System.getProperty("java.home"), "lib", "security", "cacerts"); keyStore.load(Files.newInputStream(ksPath), "changeit".toCharArray()); CertificateFactory cf = CertificateFactory.getInstance("X.509"); try (InputStream caInput = new BufferedInputStream( .getSubjectDN()); keyStore.setCertificateEntry("DSTRootCAX3", crt);
public static KeyStore toTruststore(final String trustCertificatesAliasPrefix, final X509Certificate[] trustCertificates) throws Exception { if(trustCertificates == null) { return null; } KeyStore ks = KeyStore.getInstance(JKS); ks.load(null); if(trustCertificates != null && trustCertificates.length > 0) { for (int i = 0; i < trustCertificates.length; i++) { X509Certificate x509Certificate = trustCertificates[i]; ks.setCertificateEntry(trustCertificatesAliasPrefix+"_"+i, x509Certificate); } } return ks; }
CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509"); Collection<? extends Certificate> certificates = certificateFactory.generateCertificates(in); if (certificates.isEmpty()) { for (Certificate certificate : certificates) { String certificateAlias = Integer.toString(index++); keyStore.setCertificateEntry(certificateAlias, certificate); KeyManagerFactory.getDefaultAlgorithm()); keyManagerFactory.init(keyStore, password); TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance( TrustManagerFactory.getDefaultAlgorithm()); trustManagerFactory.init(keyStore); TrustManager[] trustManagers = trustManagerFactory.getTrustManagers(); if (trustManagers.length != 1 || !(trustManagers[0] instanceof X509TrustManager)) {
private static KeyStore loadCA(Stream<Buffer> certValues) throws Exception { final KeyStore keyStore = createEmptyKeyStore(); keyStore.load(null, null); int count = 0; Iterable<Buffer> iterable = certValues::iterator; for (Buffer certValue : iterable) { for (Certificate cert : loadCerts(certValue)) { keyStore.setCertificateEntry(DUMMY_CERT_ALIAS + count++, cert); } } return keyStore; }
static TrustManagerFactory buildTrustManagerFactory( X509Certificate[] certCollection, TrustManagerFactory trustManagerFactory) throws NoSuchAlgorithmException, CertificateException, KeyStoreException, IOException { final KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType()); ks.load(null, null); int i = 1; for (X509Certificate cert: certCollection) { String alias = Integer.toString(i); ks.setCertificateEntry(alias, cert); i++; } // Set up trust manager factory to use our key store. if (trustManagerFactory == null) { trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); } trustManagerFactory.init(ks); return trustManagerFactory; }
final BufferedInputStream bufferedInputStream = new BufferedInputStream(inputStream); try { final KeyStore keyStore = KeyStore.getInstance(getKeyStoreType()); switch (getStreamType()) { case CERTIFICATE: final CertificateFactory certificateFactory = CertificateFactory.getInstance(certificateType); final Certificate certificate = certificateFactory.generateCertificate(bufferedInputStream); keyStore.load(null, null); keyStore.setCertificateEntry("ca", certificate); break; case KEYSTORE: keyStore.load(bufferedInputStream, getPassword());
public static KeyStore loadTrustStore(File certificateChainFile) throws IOException, GeneralSecurityException { KeyStore keyStore = KeyStore.getInstance("JKS"); keyStore.load(null, null); List<X509Certificate> certificateChain = readCertificateChain(certificateChainFile); for (X509Certificate certificate : certificateChain) { X500Principal principal = certificate.getSubjectX500Principal(); keyStore.setCertificateEntry(principal.getName("RFC2253"), certificate); } return keyStore; }
if (ks.isCertificateEntry(alias) && ! alias.startsWith(DUMMY_CERT_ALIAS)){ final KeyStore keyStore = createEmptyKeyStore(); keyStore.setCertificateEntry("cert-1", cert); TrustManagerFactory fact = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); fact.init(keyStore); trustMgrMap.put(alias, fact);
public SingleCertTrustManager(InputStream in) throws IOException, GeneralSecurityException { KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType()); // Note: KeyStore requires it be loaded even if you don't load anything into it: ks.load(null); CertificateFactory cf = CertificateFactory.getInstance("X509"); cert = (X509Certificate) cf.generateCertificate(in); ks.setCertificateEntry(UUID.randomUUID().toString(), cert); TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); tmf.init(ks); for (TrustManager tm : tmf.getTrustManagers()) { if (tm instanceof X509TrustManager) { trustManager = (X509TrustManager) tm; break; } } if (trustManager == null) { throw new GeneralSecurityException(GT.tr("No X509TrustManager found")); } }
private SSLContext sslContext(URL trustedCertificate) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException, KeyManagementException { SSLContextBuilder sslContextBuilder = SSLContexts.custom(); if(trustedCertificate != null) { KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType()); keystore.load(null); // initializes keystore CertificateFactory cf = CertificateFactory.getInstance("X.509"); Certificate cert = null; try (InputStream trustedCertStream = trustedCertificate.openStream()) { cert = cf.generateCertificate(trustedCertStream); } if (cert!=null) keystore.setCertificateEntry("onlyentry", cert); sslContextBuilder.loadTrustMaterial(keystore, null); } return sslContextBuilder.build(); } }
KeyStore agentTruststore() throws IOException, CertificateException, KeyStoreException, NoSuchAlgorithmException { KeyStore trustStore = null; List<X509Certificate> certificates = new CertificateFileParser().certificates(rootCertFile); for (X509Certificate certificate : certificates) { if (trustStore == null) { trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); trustStore.load(null, null); } trustStore.setCertificateEntry(certificate.getSubjectX500Principal().getName(), certificate); } return trustStore; }
if (ks.isCertificateEntry(alias) && ! alias.startsWith(DUMMY_CERT_ALIAS)){ final KeyStore keyStore = createEmptyKeyStore(); keyStore.setCertificateEntry("cert-1", cert); TrustManagerFactory fact = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); fact.init(keyStore); trustMgrMap.put(alias, fact);