Lukas Zapletal wrote: > Diky za info. Nedari se mi vsak importovat certifikat ve formatu > PKCS#12, nevite jak na to? Hledam v dokumentaci, ale ackoliv se JCE ve > verzi 1.5 chlubi tim, ze by to mela podporovat, tak to nemohu najit.
Vim. Ale v PKCS12 souboru nebyva jen certifikat, ale i tajny klic
a cely retezec certifikatu zacinajici korenovou certifikacni autoritou.
Nactete ho takhle:
static KeyStore nactiKeyStore(String ksfile,String password) throws
KeyStoreException,CertificateException,NoSuchAlgorithmException,IOException
{
//urci typ keystore
String kstype = null;
if(ksfile.endsWith(".ks")) { kstype = "JKS"; }
if(ksfile.endsWith(".p12")) { kstype = "PKCS12"; }
if(kstype==null) {
System.err.println("keystore file name "+ksfile+" must end with
.ks (JKS) or .p12 (PKCS12)");
System.exit(1);
}
//nacti keystore
KeyStore store = KeyStore.getInstance(kstype);
store.load(new FileInputStream(ksfile), password.toCharArray());
return store;
}
...
KeyStore ks1 = nactiKeyStore("soubor.p12","heslosouboru");
String alias = null;
for(Enumeration e = ks1.aliases();e.hasMoreElements();) {
String a = (String)e.nextElement();
if (ks1.isKeyEntry(a)) { alias = a; }
}
System.out.println("alias tajneho klice: "+alias);
PrivateKey privateKey = (PrivateKey)
ks1.getKey(alias,"hesloklice".toCharArray());
System.out.println("PrivateKey:"+privateKey.getAlgorithm()+"/"+privateKey.getFormat());
Certificate[] chain = ks1.getCertificateChain(alias);
System.out.println("X509: "+((X509Certificate)
chain[0]).getSubjectX500Principal().getName());
Makub
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Supercomputing Center Brno Martin Kuba
Institute of Computer Science email: [EMAIL PROTECTED]
Masaryk University http://www.ics.muni.cz/~makub/
Botanicka 68a, 60200 Brno, CZ mobil: +420-603-533775
--------------------------------------------------------------
smime.p7s
Description: S/MIME Cryptographic Signature
