用Java访问本地机器证书存储区？

Question

用Java访问本地机器证书存储区？

Pet*_*y B 5 java windows tomcat keystore certificate-store

是否可以从Java Servlet访问存储在本地计算机存储(而不是当前用户)中的证书？我尝试使用MSCAPI提供程序打开"Windows-MY"和"Windows-ROOT"存储,但都不包含本地计算机存储中的证书.

Answer 1

Aar*_*ers -1

您要查找的证书位于 java keystore 文件中或在启动服务器时传递到 tomcat

http://tomcat.apache.org/tomcat-4.0-doc/ssl-howto.html

如果您尝试将它们加载到应用程序中，请在此处查找发出 HTTPS 请求，然后 HTTPClient 文档将帮助您入门

http://www.jdocs.com/httpclient/3.0.1/api-index.html?m=class&p=org.apache.commons.httpclient.contrib.ssl&c=AuthSSLProtocolSocketFactory&render=classic

不确定这是否对您有帮助，但如果您可以提供更多详细信息，那么您也许可以获得更具体的答案

public class KeyStoreLookup {
    public static void main(String args[]) {
        try {
            KeyStore ks = 
                      KeyStore.getInstance(KeyStore.getDefaultType());
            String fname = System.getProperty("user.home") +
                                File.separator + ".keystore";
            FileInputStream fis = new FileInputStream(fname);
            ks.load(fis, null);
            if (ks.isKeyEntry(args[0])) {
                System.out.println(args[0] +
                                " is a key entry in the keystore");
                char c[] = new char[args[1].length()];
                args[1].getChars(0, c.length, c, 0);
                System.out.println("The private key for" + args[0] + 
                            " is " + ks.getKey(args[0], c));
                Certificate certs[] = ks.getCertificateChain(args[0]);
                if (certs[0] instanceof X509Certificate) {
                    X509Certificate x509 = (X509Certificate) certs[0];
                    System.out.println(args[0] + " is really " +
                        x509.getSubjectDN());
                }
                if (certs[certs.length - 1] instanceof
                                     X509Certificate) {
                    X509Certificate x509 = (X509Certificate) 
                                        certs[certs.length - 1];
                    System.out.println(args[0] + " was verified by " +
                        x509.getIssuerDN());
                }
            }
            else if (ks.isCertificateEntry(args[0])) {
                System.out.println(args[0] +
                            " is a certificate entry in the keystore");
                Certificate c = ks.getCertificate(args[0]);
                if (c instanceof X509Certificate) {
                    X509Certificate x509 = (X509Certificate) c;
                    System.out.println(args[0] + " is really " +
                        x509.getSubjectDN());
                    System.out.println(args[0] + " was verified by " +
                        x509.getIssuerDN());
                }
            }
            else {
                System.out.println(args[0] +
                        " is unknown to this keystore");
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}

Run Code Online (Sandbox Code Playgroud)

归档时间：	15 年，5 月前
查看次数：	14149 次
最近记录：	7 年，5 月前