keystore

Java: Loading SSL Keystore via a rsource.

If I have: System.setProperty("javax.net.ssl.keyStore", '/etc/certificates/fdms/WS1001237590._.1.ks'); System.setProperty("javax.net.ssl.keyStorePassword", 'DV8u4xRVDq'); System.setProperty("sun.security.ssl.allowUnsafeRenegotiation", "true"); I'm able to open a secure connection without a problem. However, I'd like to have the certi...

Is there a naming convention for keystore (java)

I'm working with java keystores for the first time. Is there a standard extension / suffix for a keystore? Are they typically named .ks? If it's a java keystore am I supposed to use .jks? I would like to follow a naming convention if one is generally accepted. ...

Basic questions on Keystore usage

I've got an application which generates SecretKeys, one per client. These need to be persisted in our database. I'm REALLY unfamiliar with common security patterns or implementations, and I'm looking for advice. The KeyStore class seems to be widely used, especially to protect SecretKeys. However, I've seen little mentioning using Ke...

What algorithm does java.security.KeyStore use to encrypt the privateKey in KeyStore.setKeyEntry() and KeyStore.store()?

setKeyEntry() allows a password to protect a single private key, and store() allows a password to encrypt the entire keyStore. I'm using pkcs12 keystore type with the BC as the provider, and I can't figure out what it's using for encryption. Am I able to specify the kind of encryption used in these methods? ...

How can I get a list of trusted root certificates in Java?

I would like to be able to get access to all trusted root certificates programmatically in a Java app. I was looking at the keystore interface, but I'm hoping to get the list of trusted roots that's implicit with the JRE. Is this accessible anywhere? ...

Cache the contents of KeyStore and convert it to a InputStream

Hi, I am using AES to accomplish symmetric-key encryption. I store the Key in a password protected KeyStore. the api exposes the following for loading the key from keystore keyStore.load(inputStream, keyStorePassword.toCharArray()); so everytime when i want to enrypt or decrypt , i have to pass the inputstream which is atleast in my...

BlackBerry: How to use PersistableRIMKeyStore?

Hi! I need to securely store private user data so it can persist across my app starts as well as device resets. This will be a String I guess about 1000 chars at maximum. I was told I can use RIM KeyStore API for this. Well, I spent hours googling out any gide on RIM KeyStore API usage. JDE samples do not contain anything useful on t...

Where does Eclipse hide the keystore?

I'm surprisingly frustrated by this, and I suspect the answer is simple. I have compiled and signed my android app using the Export Wizard, as described here in the section 'Compile and sign with Eclipse ADT'. I would like to backup the keystore and have it handy for future app updates, but I can't figure out for the life of me where t...

Access Local Machine Certificate Store in Java?

Is it possible to access certificates stored in the Local Machine store (rather than Current User) from a Java Servlet? I've tried using the MSCAPI provider opening the "Windows-MY" and "Windows-ROOT" stores, but neither contain certificates from the Local Machine store. ...

Lost Code Signing Certificate Alias

Our company purchased a code signing certificate from Thawte a few weeks ago. When we finally received the certificate from the purchasing team they didn't know the alias for the certificate! I don't seem to be able to import the cert without the alias and they have no clue at all what it is. Is there a way of retrieving the alias? H...

Sign a midlet with a certificate reply from GeoTrust

i got a .cer file which the request for was made from some other computer. i imported the certificate to my keystore and tried to sign the midlet using jarsign. and got this error: jarsigner: Certificate chain not found for: somealias. somealias must reference a valid KeyStore key entry containing a private key and corresponding public ...

Java licensing API

Hi, I just came across TrueLicense Project API for licensing Java projects. I want to know are there any other similar APIs available? Please suggest me some. Also I am not familiar with the process of generating the keystore which is needed for this. Can anyone guide me about the process of generating .store file which is used in th...

Keystore and SunMSCAPI aliases problem

Hi, I have a problem with java KeyStore. I am using SunMSCAPI Provider to retrieve certificates from Windows-MY keystore. I have two certifcates there, both have been issued with the same parameters (C, CN, IssuedBy...), but they have different validity. SunMSCAPI Provider assigns them the same aliases. When I want to get this certific...

Can I prevent digital signature warning when I start a java application from command line?

Is there any way to prevent the "The application's digital signature cannot be verified" warning message from appearing when you run a Java application from the command line? I'm looking for a command line solution that would allow to start an application like this on a continuous integration server, so I need a solution that would not ...

How to get an APK into the market with an extra certificate... because I lost my first keystore

My keystore has gone missing. I most likely deleted it by mistake, but I can't find it in my recycling bin. --My keystore was originally in my bin folder, not a good place for it as files get automatically deleted when publishing I know the details for the previous keystore... except maybe the date of expiry. I want to put an update o...

How can I move my SSL cert from Tomcat to Apache

I am moving my site from a tomcat only instance to an apache httd/ apache tomcat setup. I'm trying to set up the ssl with mod_ssl on apache httpd. But I don't know how to convert my tomcat keystoreFile/keystorePass to the apache httpd SSLCertificateFile/SSLCertificateKeyFile format. I am pouring over the openssl man pages with no luck...

Using the same debug keystore on multiple computers

I'm developing on multiple computers. If I deploy to my phone directly from Eclipse on one computer, I can't deploy from the other without uninstalling first. I'm assuming this is because there is a debug certificate being used to sign the app, and they're not the same across the two machines. Is it possible to copy one over to the ot...

how to load an rsa privated key encrypted with des in java

hi, in my job i was assigned a task in which i have to programmatically load a private and public keys from files and then store them in a .jks file,the private key was generated using openssl, its an rsa des encrypted key in der format,i have no problem loading the public key, however,i haven't found a way to load the private key in its...

Can I add a new certificate to the keystore without restarting the JVM?

I'd like to import a new certificate into the keystore without restarting a running service. Is that possible? Alternatively, is it possible to specify a certificate to use that's not in the keystore for a specific URL connection? ...

Security implications of storing the keystore in a public repo

What are the security implications of storing the keystore in a public repo, along with the source code? The reason for storing it in the repo is convenience. There are no dependencies when you do a 'git pull or clone' and build on your local machine (for e.g. with sbt sign-release): you just provide the password when prompted and a sig...