I am trying to load a private key and a certificate bundled in a PKCS12 file using Java's Keystore#load. The PKCS12 file uses no password and is intended for two-way TLS connections (TLS client-authentication).

The documentation for Keystore#load describes the parameter password as follows:

password - the password used to check the integrity of the keystore, the password used to unlock the keystore, or null.

I interpreted passing null to be the correct choice when loading a PKCS12 file with no password.

On executing the following code, I expected both the private key and the certificate to be loaded into keyStore:

keyStore.load(pkcs12InputStream, null)

However, only the private key is loaded as can be seen by executing the following code after the load operation above:

keyStore.getCertificateChain("1") // or, the custom alias

which returns null

What is the correct way to load both the private key and the certificate using Keystore#load for a PKCS12 file with no password?

asked Feb 25 at 2:34 by ZarakshR, edited Feb 25 at 3:13

1 Answer

Keystore#load expects the value of password to be an empty character array (i.e., new char[0]) when the PKCS12 file uses no password.

It is unclear from the documentation what the purpose of passing null as the value of password is.
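
The comparison discussed in the question and answer above, as an added example that is not part of the original posts: it loads the same PKCS12 file once with null and once with new char[0], prints what each KeyStore exposes, and then builds an SSLContext for TLS client authentication. The class name and the file path taken from args[0] are assumptions; the path must point to a PKCS12 file that uses no password.

```java
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.util.Collections;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;

public class LoadPasswordlessPkcs12 {
    // Load the PKCS12 file with the given password value (null or an empty array).
    static KeyStore load(Path p12, char[] password) throws Exception {
        KeyStore ks = KeyStore.getInstance("PKCS12");
        try (InputStream in = Files.newInputStream(p12)) {
            ks.load(in, password);
        }
        return ks;
    }

    // Print, for each alias, whether a key entry and a certificate chain are visible.
    static void report(String label, KeyStore ks) throws Exception {
        for (String alias : Collections.list(ks.aliases())) {
            Certificate[] chain = ks.getCertificateChain(alias);
            System.out.printf("%s alias=%s keyEntry=%b chainLength=%s%n",
                    label, alias, ks.isKeyEntry(alias),
                    chain == null ? "null" : String.valueOf(chain.length));
        }
    }

    public static void main(String[] args) throws Exception {
        Path p12 = Path.of(args[0]); // assumption: PKCS12 file with no password
        report("load(in, null):       ", load(p12, null));
        char[] empty = new char[0];
        KeyStore ks = load(p12, empty);
        report("load(in, new char[0]):", ks);
        // Fail early rather than finding out during the handshake that no client certificate is sent.
        for (String alias : Collections.list(ks.aliases())) {
            if (ks.isKeyEntry(alias) && ks.getCertificateChain(alias) == null) {
                throw new IllegalStateException("no certificate chain for alias " + alias);
            }
        }
        // The same empty password unlocks the private key for the key manager.
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(ks, empty);
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(kmf.getKeyManagers(), null, null); // default trust managers and SecureRandom
        System.out.println("SSLContext ready: " + ctx.getProtocol());
    }
}
```

Path.of requires Java 11 or later; on older versions use Paths.get instead.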
