2 Replies Latest reply: Jan 16, 2012 3:25 AM by 910398 RSS

    Storing certificate into Windows Trusted Root CA without confirmation

    910398
      I implemented small procedure which stores CA certificates in the Windows Trusted CA. Each time i'm running java program
      I'm asked to confirm the operation.

      How to specify the confirmation to 'yes' in the java code? Do I need to sign my java program?

      public static void storeTrustedCACertificate(String certStore, String provider, String certPath, String alias ) throws Exception {

                BufferedInputStream bis = null;

                try {

                     bis = new BufferedInputStream( new FileInputStream(certPath) );

                     if (bis.available() > 0) {
                          CertificateFactory cf = CertificateFactory.getInstance("X.509");
                          Certificate cert = cf.generateCertificate(bis);
                          System.out.println(cert.toString());

                          KeyStore ks = KeyStore.getInstance( certStore, provider);
                          // Add the certificate
                          ks.load(null,null);
                          ks.setCertificateEntry(alias, cert);
                     }
                } catch (IOException ex) {
                     cleanup(bis);
                }
           }
        • 1. Re: Storing certificate into Windows Trusted Root CA without confirmation
          EJP
          Have a look at the parameters for ks.load().
          • 2. Re: Storing certificate into Windows Trusted Root CA without confirmation
            910398
            Thanks for reply, but in the scenario I think that more correct is to use :

            ks.setEntry(alias, new KeyStore.TrustedCertificateEntry(cert),
                                          new KeyStore.CallbackHandlerProtection( new CallbackHandler() {
                                               public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
                                                    System.out.println("CALLBACK invoked!");
                                               }
                                          }) );

            ... and i'm get exception that handler is not supported!


            Unfortunately when analyzing the source code (JDK 6 but i'm using JDK 7 anyway) only PasswordProtectionHandler is supported.
            http://javasourcecode.org/html/open-source/jdk/jdk-6u23/java/security/KeyStoreSpi.java.html