Great, that helps. In fact, I have an external CA file that I use in
both my C++ server and my java client.
So I'll just need the setCertificateEntry. and the following stuff.
Thanks again
Sukanta Kumar Panigrahi a écrit :
Yeah you can do that using CertificateFactory class which can generate
the certificate on the fly from an InputStream. And then you can add
the Certificate to the Keystore using setCertificateEntry(...) method.
And lastly use the same keystore object with TrustManagerFactory to
get the TrustManager instances.
For this you just need to have a way to read your CA using an
InputStream...
Hope this helps.
Severine wrote:
Thx for you answer.
Yeah, That is was I did, but what I'm looking for is to do it in my
java class. I'm looking for java code to do that.
And I eventually would like to hard code the content of the CA in my
code. and import the string in the keystore using java code.
Ambarish Mitra a écrit :
Yes, the JVM has a keystore for all the trusted certificates, the
path is
jre/lib/security/cacerts.
This file has all the trusted root CA certs. Please import the CA
cert in
here, and it should work.
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Severine
Sent: Monday, April 10, 2006 2:55 PM
To: openssl-users@openssl.org
Subject: CA embeded in Java client
Hi all and thanks in advance for your answers.
Here is my problem :
I have a c++ ssl webserver and I want to connect to it using a java
client.
I have manually (with keytool) imported my CA and everything works fine
like that.
But when my java client is installed, I'd like that no manual things
are
done to be able to connect succesfuly to my server.
So, is there a way to embed the CA in the java code ? I mean, I'm
looknig for the equavalent of the following CC++ code in Java.
Here os the C++ code :
******* start of code*****************
X509 *cert =NULL;
X509_STORE *store = NULL;
if (!(store = SSL_CTX_get_cert_store (ptrSocket->ctxSSLContext)))
{
printf ("Can't make X509 store");
}
const unsigned char *cert_data = &szRootCa_certificate[0];
cert = d2i_X509 (NULL, &cert_data, sizeof (szRootCa_certificate));
X509_STORE_add_cert (store,cert);
X509_free (cert);
******* end of code**************
Thanks for your answers
Severine
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
