Dne 14.12.2010 10:37, Martin Kuba napsal(a):
http://download.oracle.com/javase/6/docs/technotes/guides//security/jsse/JSSERefGuide.html#CustomizingStores
Nicméně o implementaci reloadující certifikáty CA za běhu jsem tam nic nenašel,
takže stejně nezbude než si ji napsat.
Našel jsem tam následující radu
http://download.oracle.com/javase/6/docs/technotes/guides//security/jsse/JSSERefGuide.html#OwnX509TM
cituji:
Updating the keyStore Dynamically
You can enhance MyX509TrustManager to handle dynamic keystore updates. When a
checkClientTrusted
or checkServerTrusted test fails and does not establish a trusted certificate
chain, you can add
the required trusted certificate to the keystore. You need to create a new
pkixTrustManager from
the TrustManagerFactory initialized with the updated keystore. When you
establish a new connection
(using the previously initialized SSLContext), the newly added certificate
will be called to make
the trust decisions.
Takže asi tak.
Makub
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Supercomputing Center Brno Martin Kuba
Institute of Computer Science email: ma...@ics.muni.cz
Masaryk University http://www.ics.muni.cz/~makub/
Botanicka 68a, 60200 Brno, CZ mobil: +420-603-533775
--------------------------------------------------------------
