santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Arshad Noor <arshad.n...@strongauth.com>
Subject Re: Keystore exception when signing document.
Date Tue, 29 Aug 2006 23:33:04 GMT
If the supplier gave you a PKCS12 file, then feel free to use the
following to import the key and certificate into your JKS keystore.
Not a lot of error-checking in here, since I use it for my personal
use.

Arshad Noor
StrongAuth, Inc.


------------------------

import java.security.*;
import java.io.*;

class p12jkstool
{
     static public void main(String[] args) throws Exception
     {
         if (args.length < 7)
         {
             System.err.println("Usage: java p12TOjks <pkcs12-file> 
<pkcs12-password> <pkcs12-alias> <jks-keystore> <jks-password> 
<jks-alias> <new-jks-keystore>");
             return;
         }

         String p12file  = args[0];
         String p12pin   = args[1];
         String p12alias = args[2];
         String jksfile  = args[3];
         String jkspin   = args[4];
         String jksalias = args[5];
         String newjks   = args[6];

         try
         {
             //pkcs12 keystore
             KeyStore pks = KeyStore.getInstance("pkcs12");
             //jks keystore
             KeyStore jks = KeyStore.getInstance("jks");

             // load the pkcs12 file
             pks.load(new FileInputStream(p12file), p12pin.toCharArray());

             // load the jks file (have to have an existing one)
             jks.load(new FileInputStream(jksfile), jkspin.toCharArray());

             //read the p12 certificate
             java.security.cert.Certificate [] cc = 
pks.getCertificateChain(p12alias);
             Key k = pks.getKey(p12alias, p12pin.toCharArray());

             // add to keystore and save
             jks.setKeyEntry(jksalias, k, jkspin.toCharArray(), cc);
             FileOutputStream out = new FileOutputStream(newjks);
             jks.store(out, jkspin.toCharArray());
             out.close();
             System.out.println("Transferred P12 key to new JKS 
keystore: " + newjks);

         } catch (Exception ex) {
             ex.printStackTrace();
         }
     }
}

------------------------

Ed Sweet wrote:
> 
> My main question here is what procedure should I be using to create the 
> keystore from keys/certificates supplied by a thrid-party? I can use the 
> test keystore supplied with the xml-security library with my code no 
> problem, it's just when I try and use a keystore I've created myself I 
> get this exception. What procedure do you use?
> 
> Thanks for your help,
> 


Mime
View raw message