Download Keystore

Question

Download Keystore

I would like to know what is equivalent in java from the following:

-Djavax.net.ssl.trustStore=keystore.jks -Djavax.net.ssl.keyStore=keystore.jks -Djavax.net.debug=ssl -Djavax.net.ssl.keyStorePassword=test JavaFile

I would like to load the keystore differently than sending it as arguments from the command line. I worked with:

 private TcpLink createSSL() { KeyStore keyStore = null; TrustManagerFactory tmf = null; SSLContext ctx = null; SSLSocket socket = null; TcpLink smscLink = null; try { keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); LOGGER.info("Got keystore"); keyStore.load(new FileInputStream("/root/keystore.jks"), "test".toCharArray()); LOGGER.info("Loaded keystore"); tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); tmf.init(keyStore); LOGGER.info("Inited keystore"); ctx = SSLContext.getInstance("TLSv1"); ctx.init(null, tmf.getTrustManagers(), null); SSLSocketFactory factory = ctx.getSocketFactory(); socket = (SSLSocket)factory.createSocket("100.100.201.189", 8807); LOGGER.info("Got socket"); smscLink = new TcpLink(socket); return smscLink; } catch (KeyStoreException e) { LOGGER.error("Key store exception : " + e); } catch (NoSuchAlgorithmException e) { LOGGER.error("NoSuchAlgorithmException : " + e); } catch (CertificateException e) { LOGGER.error("CertificateException : " + e); } catch (FileNotFoundException e) { LOGGER.error("FileNotFoundException : " + e); } catch (IOException e) { LOGGER.error("FileNotFoundException : " + e); } catch (KeyManagementException e) { LOGGER.error("KeyManagementException : " + e); } catch (Exception e) { LOGGER.error("Exception : " + e); } return null; }

but I get:

 javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure at com.sun.net.ssl.internal.ssl.SSLSocketImpl.checkEOF(SSLSocketImpl.java:1293) at com.sun.net.ssl.internal.ssl.AppInputStream.read(AppInputStream.java:65) at java.io.BufferedInputStream.fill(BufferedInputStream.java:218)

Any ideas are welcome!

thanks

+4

java ssl keystore

Sergiu Jan 25 '13 at 13:31

source share

3 answers

gaborsch · Answer 1 · 2013-01-25T13:46:39+0000

You can set the system properties as follows:

 System.setProperty("javax.net.ssl.keyStore", '/path/to/keystore.jks'); System.setProperty("javax.net.ssl.keyStorePassword", 'your-password-here');

They will be used system-wide (in this case, the JVM), so you probably want to do this during initialization.

Sergiu · Answer 2 · 2013-02-04T07:30:10+0000

It works using this piece of code:

 KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); keyStore.load(this.getCertificateContent(), "test".toCharArray()); kmf.init(keyStore, "test".toCharArray()); TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); tmf.init(keyStore); SSLContext ctx = SSLContext.getInstance("TLSv1"); ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null); SSLSocketFactory factory = ctx.getSocketFactory(); socket = (SSLSocket)factory.createSocket("100.125.100.1", 8775);

mike345 · Answer 3 · 2015-07-23T13:14:48+0000

If you want, here the API for creating SSLSocket and SSLServerSocket is easy:

https://github.com/gpotter2/SSLKeystoreFactories

It does not require any other jars ... just get the files and use them like:

 SSLSocket s = SSLSocketKeystoreFactory.getSocketWithCert(ip, port, Main.class.getResourceAsStream("/mykey.jks"), "password")

Or:

 SSLServerSocket s = SSLServerSocketKeystoreFactory.getSocketWithCert(port, Main.class.getResourceAsStream("/mykey.jks"), "password")

It is much easier to use :)

Download Keystore

More articles: