Entering the password on the command line could be an option if you choose the Java Invocation API. I have done this in the past and it has worked really well.
On 4/25/05, john bart <[EMAIL PROTECTED]> wrote: > Hello to all the list. > I need some advice on where to store the keystore's password. > Right now, i have something like this in my code: > > keystore = KeyStore.getInstance("JKS"); > keystore.load(new FileInputStream("keystore.jks"),"PASSWORD"); > > the question is, where do i store the password string? all of the > possibilities that i thought about are not good enough: > 1) storing it in the code - obviously not. > 2) storing it in a seperate config file is also not secure. > 3) entering the password at runtime is not an option. > 4) encrypting the password - famous chicken and egg problem (storing the > encryption key) > > Any ideas? > > _________________________________________________________________ > Express yourself instantly with MSN Messenger! Download today it's FREE! > http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/ > >