PKCS12 Java Keystore from CA and User certificate in java
<p>I've recently been put in charge of mocking up an Apple product (iPhone Configuration Utility) in Java. One of the sections I've been a bit stuck on is a part about Exchange ActiveSync. In there, it allows you to select a certificate from your Keychain to use as credentials for your EAS account. After some research, I found that it's actually creating a PKCS12 keystore, inserting the private key of the certificate I selected, and encoding that into XML. So far not a big deal. If I create a .p12 file with Keychain Access it uploads without a problem. But I run into a problem when I try to bring that over to Java.</p>
<p>Say I export one of those certs that I had used earlier with the .p12 file as a .cer file (this is what we are expecting to get in the environment). Now when I upload it into Java I get a Certificate object as follows...</p>
<pre><code>KeyStore ks = java.security.KeyStore.getInstance("PKCS12");
ks.load(null, "somePassword".toCharArray());
CertificateFactory cf = CertificateFactory.getInstance("X.509", new BouncyCastleProvider());
java.security.cert.Certificate userCert = cf.generateCertificate(new FileInputStream("/Users/me/Desktop/RecentlyExportedCert.cer"));
</code></pre>
<p>But when I try...</p>
<pre><code>ks.setCertificateEntry("SomeAlias", userCert);
</code></pre>
<p>I get the exception...</p>
<pre><code>java.security.KeyStoreException: TrustedCertEntry not supported
</code></pre>
<p>So from certs I move onto keys. But with those Certificates (I got the CA Cert as well), I'm only able to access the public key, not the private. And if I attempt to add the public key like so...</p>
<pre><code>java.security.cert.Certificate[] chain = {CACert};
ks.setKeyEntry("SomeAlias", userCert.getPublicKey().getEncoded(), chain);
</code></pre>
<p>I get...</p>
<pre><code>java.security.KeyStoreException: Private key is not stored as PKCS#8 EncryptedPrivateKeyInfo: java.io.IOException: DerValue.getOctetString, not an Octet String: 3
</code></pre>
<p>So now I'm here. Does anyone have any idea how to get a private key from a .cer file into a PKCS12 keystore in Java? Am I even on the right track?</p>
<p>Thanks in advance!</p>
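An added example, not part of the original post: a .cer file carries only the certificate and its public key, so a PKCS12 key entry has to be built from the private key obtained separately plus the certificate chain. It assumes the private key is available as an unencrypted PKCS#8 DER file holding an RSA key; the class name `BuildP12`, the file arguments and the key file format are hypothetical.

```java
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;

// Hypothetical helper class; all four paths are supplied by the caller.
public class BuildP12 {
    static Certificate readCert(CertificateFactory cf, String path) throws Exception {
        try (InputStream in = new FileInputStream(path)) {
            return cf.generateCertificate(in);
        }
    }

    // usage: java BuildP12 user.cer ca.cer user-key.pk8 out.p12
    public static void main(String[] args) throws Exception {
        char[] password = "somePassword".toCharArray(); // placeholder, as in the post
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        Certificate userCert = readCert(cf, args[0]);
        Certificate caCert = readCert(cf, args[1]);
        // Assumption: unencrypted PKCS#8 DER containing an RSA private key.
        byte[] pkcs8 = Files.readAllBytes(Paths.get(args[2]));
        PrivateKey key = KeyFactory.getInstance("RSA")
                .generatePrivate(new PKCS8EncodedKeySpec(pkcs8));
        // Refuse to pair a key with a certificate it does not belong to.
        RSAPublicKey pub = (RSAPublicKey) userCert.getPublicKey();
        if (!((RSAPrivateKey) key).getModulus().equals(pub.getModulus())) {
            throw new IllegalArgumentException("private key does not match " + args[0]);
        }
        KeyStore ks = KeyStore.getInstance("PKCS12");
        ks.load(null, null); // start with an empty keystore
        // Chain order: end-entity certificate first, then its issuer.
        ks.setKeyEntry("SomeAlias", key, password, new Certificate[] {userCert, caCert});
        try (OutputStream out = new FileOutputStream(args[3])) {
            ks.store(out, password);
        }
    }
}
```

The resulting .p12 contains the private key, so it needs the same handling as the key file it was built from.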
 
