I have an applet that loads its jar dependencies from a server using SSL + client certificate authentication.
The web page that loads the applet is already authenticated using a client certificate.
However, when the applet starts up, the JVM process (separate from the browser) brings up a dialog for certificate selection. These certificates, as it turns out, are read from the java client cert keystore:
%USERPROFILE%\Application Data\Sun\Java\Deployment\security\trusted.clientcerts (Windows XP/2000)
%USERPROFILE%\AppData\LocalLow\Sun\Java\Deployment\security\trusted.clientcerts (Windows 7)
I want to avoid forcing the user to import his/her certificate into this keystore. Instead, I want to make the JVM search for the certificate in the Firefox's certificate keystore.
Is this doable? Real-world examples would be highly appreciated!