KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType()); char[] password = "some password".toCharArray(); ks.load(null, password); // Store away the keystore. FileOutputStream fos = new FileOutputStream("newKeyStoreFileName"); ks.store(fos, password); fos.close();
private static void storeKeyStore(KeyStore keyStore, File keyStoreFile) { try { FileOutputStream trustStoreOutputStream = new FileOutputStream(keyStoreFile); keyStore.store(trustStoreOutputStream, new char[0]); trustStoreOutputStream.close(); } catch (Exception e) { throw new RuntimeException("Cannot store key/truststore to file " + keyStoreFile, e); } } }
public static <T extends Certificate> void createTrustStore( String filename, String password, Map<String, T> certs) throws GeneralSecurityException, IOException { KeyStore ks = KeyStore.getInstance("JKS"); try (InputStream in = Files.newInputStream(Paths.get(filename))) { ks.load(in, password.toCharArray()); } catch (EOFException e) { ks = createEmptyKeyStore(); } for (Map.Entry<String, T> cert : certs.entrySet()) { ks.setCertificateEntry(cert.getKey(), cert.getValue()); } try (OutputStream out = Files.newOutputStream(Paths.get(filename))) { ks.store(out, password.toCharArray()); } }
KeyStore ks = KeyStore.getInstance("JKS"); ks.setKeyEntry("keyAlias", key, passwordForKeyCharArray, certChain); OutputStream writeStream = new FileOutputStream(filePathToStore); ks.store(writeStream, keystorePasswordCharArray); writeStream.close();
keystore.load(inputStreamFromOriginalFile, password); KeyStore keystore2 = KeyStore.getInstance("JKS"); for (String name : toIterable(keystore.aliases())) { Entry entry = keystore.getEntry(name, protParam); keystore2.setEntry(name, entry, protParam); } keystore2,store(outputStream, password);
private void writeKeystore(X509Certificate certificate, KeyPair entityKeyPair, String path) throws Exception { KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); keyStore.load(null, PASSWORD); keyStore.setKeyEntry("alias", entityKeyPair.getPrivate(), PASSWORD, new Certificate[] { certificate }); FileOutputStream outputStream = new FileOutputStream(path); keyStore.store(outputStream, PASSWORD); outputStream.flush(); outputStream.close(); }
/** * Exports the keyStore to the specified file. * * @param file file to save the KeyStore to * @param keyStore KeyStore to export * @param keystorePassword the password for the KeyStore */ @Override public void saveKeyStore(File file, KeyStore keyStore, String keystorePassword) { try (FileOutputStream fos = new FileOutputStream(file)) { keyStore.store(fos, keystorePassword.toCharArray()); } catch (CertificateException | NoSuchAlgorithmException | IOException | KeyStoreException e) { throw new KeyStoreAccessException("Unable to save KeyStore to file: " + file.getName(), e); } }
X509Certificate cert = chain[k]; String alias = host + "-" + (k + 1); KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType()); [...] ks.setCertificateEntry(alias, cert); OutputStream out = new FileOutputStream("jssecacerts"); ks.store(out, passphrase); out.close();
@Override public void engineSetKeyEntry(String alias, Key key, char[] password, Certificate[] chain) throws KeyStoreException { try { // pack key into keystore and protect it using password ByteArrayOutputStream os = new ByteArrayOutputStream(); KeyStore keystore = KeyStore.getInstance(keyType); keystore.load(null, password); keystore.setKeyEntry(alias, key, password, chain); keystore.store(os, password); byte[] keystoreBytes = os.toByteArray(); engineSetKeyEntry(alias, keystoreBytes, chain); } catch (CertificateException | NoSuchAlgorithmException | IOException e) { throw log.ldapKeyStoreFailedToSerializeKey(alias, e); } }
keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); keyStore.load(in, "changeit".toCharArray()); keyStore.store(new FileOutputStream(cacertsPath.toAbsolutePath().toFile()), "changeit".toCharArray()); } catch (KeyStoreException | NoSuchAlgorithmException | CertificateException | IOException e) { throw new IllegalStateException(e);
private void writeCertificateFile() throws CertificateException { java.io.OutputStream keyStoreStream = null; try { keyStoreStream = new java.io.FileOutputStream(keyStoreFile); keyStore.store(keyStoreStream, "".toCharArray()); } catch (FileNotFoundException e) { throw new CertificateException("Unable to write KeyStore: " + e.getMessage()); } catch (CertificateException e) { throw new CertificateException("Unable to write KeyStore: " + e.getMessage()); } catch (IOException e) { throw new CertificateException("Unable to write KeyStore: " + e.getMessage()); } catch (NoSuchAlgorithmException e) { throw new CertificateException("Unable to write KeyStore: " + e.getMessage()); } catch (KeyStoreException e) { throw new CertificateException("Unable to write KeyStore: " + e.getMessage()); } finally { IOUtils.closeQuietly(keyStoreStream); } }
/** * 存储ca证书成JKS格式 * @param cert * @param alias * @param password * @param out * @throws KeyStoreException * @throws NoSuchAlgorithmException * @throws CertificateException * @throws IOException */ public static void storeCACert(Certificate cert, String alias, String password, OutputStream out) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException { KeyStore ks = KeyStore.getInstance("JKS"); ks.load(null, null); ks.setCertificateEntry(alias, cert); // store keystore ks.store(out, HttpClientUtil.str2CharArray(password)); }
private static void createDefaultKeyStore() throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException { KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType()); char[] password = keyStorePassword.toCharArray(); ks.load(null, null); // Store away the keystore. try (FileOutputStream fos = new FileOutputStream(sslKeyStorePath)) { ks.store(fos, password); } } }
private static void saveKeyStore(KeyStore ks, String filename, String password) throws GeneralSecurityException, IOException { FileOutputStream out = new FileOutputStream(filename); try { ks.store(out, password.toCharArray()); } finally { out.close(); } }
/** * Encodes the given X509Certificate and private key as a JKS KeyStore, optionally protecting the private key * (and possibly the cert?) with a password. Returns the byte array encoding of the key store, which may be written * to a file and loaded to instantiate the key store at a later point or in another process. * @param cert the X509 certificate to serialize. * @param privateKey the private key to serialize. * @param keyPassword an optional key password. If empty or null, the private key will not be encrypted. * @return the serialized bytes of the JKS key store. * @throws IOException * @throws GeneralSecurityException */ public static byte[] certAndPrivateKeyToJavaKeyStoreBytes( X509Certificate cert, PrivateKey privateKey, String keyPassword) throws IOException, GeneralSecurityException { KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); char[] keyPasswordChars = keyPassword == null ? new char[0] : keyPassword.toCharArray(); keyStore.load(null, keyPasswordChars); keyStore.setKeyEntry( "key", privateKey, keyPasswordChars, new Certificate[] { cert }); ByteArrayOutputStream outputStream = new ByteArrayOutputStream(); keyStore.store(outputStream, keyPasswordChars); outputStream.flush(); byte[] result = outputStream.toByteArray(); outputStream.close(); return result; }
KeyStore ks = KeyStore.getInstance( KeyStore.getDefaultType() ); ks.load( in, passphrase ); in.close(); OutputStream out = new FileOutputStream( "jssecacerts" ); ks.store( out, passphrase ); out.close();
/** * Saves the current state of the store to disk. Useful when certificates have been added or removed from the * store. */ public void persist() throws CertificateStoreConfigException { try ( final FileOutputStream os = new FileOutputStream( configuration.getFile() ) ) { store.store( os, configuration.getPassword() ); } catch ( NoSuchAlgorithmException | KeyStoreException | CertificateException | IOException ex ) { throw new CertificateStoreConfigException( "Unable to save changes to store in '" + configuration.getFile() + "'", ex ); } }
/** * Encodes the given X509Certificate as a JKS TrustStore, optionally protecting the cert with a password (though * it's unclear why one would do this since certificates only contain public information and do not need to be * kept secret). Returns the byte array encoding of the trust store, which may be written to a file and loaded to * instantiate the trust store at a later point or in another process. * @param cert the certificate to serialize. * @param keyPassword an optional password to encrypt the trust store. If empty or null, the cert will not be encrypted. * @return the serialized bytes of the JKS trust store. * @throws IOException * @throws GeneralSecurityException */ public static byte[] certToJavaTrustStoreBytes( X509Certificate cert, String keyPassword) throws IOException, GeneralSecurityException { KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); char[] keyPasswordChars = keyPassword == null ? new char[0] : keyPassword.toCharArray(); trustStore.load(null, keyPasswordChars); trustStore.setCertificateEntry(cert.getSubjectDN().toString(), cert); ByteArrayOutputStream outputStream = new ByteArrayOutputStream(); trustStore.store(outputStream, keyPasswordChars); outputStream.flush(); byte[] result = outputStream.toByteArray(); outputStream.close(); return result; }
try(OutputStream stream=new FileOutputStream(keyStoreName)) { SecretKey key=createSecretKey(); KeyStore store=KeyStore.getInstance(storeType); store.load(null, null); store.setKeyEntry(alias, key, storePass.toCharArray(), null); store.store(stream, storePass.toCharArray());
private void initializeKeyStore() throws RootCertificateException, GeneralSecurityException, OperatorCreationException, IOException { if (authority.aliasFile(KEY_STORE_FILE_EXTENSION).exists() && authority.aliasFile(".pem").exists()) { return; } MillisecondsDuration duration = new MillisecondsDuration(); KeyStore keystore = CertificateHelper.createRootCertificate(authority, KEY_STORE_TYPE); LOG.info("Created root certificate authority key store in {}ms", duration); OutputStream os = null; try { os = new FileOutputStream( authority.aliasFile(KEY_STORE_FILE_EXTENSION)); keystore.store(os, authority.password()); } finally { IOUtils.closeQuietly(os); } Certificate cert = keystore.getCertificate(authority.alias()); exportPem(authority.aliasFile(".pem"), cert); }