I have modified the instance type of the key store provider on the repository.
Now the certificates are correctly written to the file client.p12 and can be read using the keytool:
Code:
$ keytool -list -keystore client.p12 -storepass clientPassword -v -storetype PKCS12
Keystore type: PKCS12
Keystore provider: SunJSSE
Your keystore contains 1 entry
Alias name: client
Creation date: Nov 9, 2015
Entry type: PrivateKeyEntry
Certificate chain length: 3
Certificate[1]:
Owner: CN=End Certificate
Issuer: CN=Intermediate Certificate
Serial number: 40f960450ce16070
Valid from: Mon Nov 09 12:08:34 EET 2015 until: Mon Nov 16 12:08:34 EET 2015
Certificate fingerprints:
MD5: 2C:1F:97:91:B9:33:D3:F4:4F:89:AA:13:43:53:F5:8A
SHA1: 41:83:C7:57:CE:B8:BC:DC:AC:E1:58:20:27:9E:05:CC:F2:F0:37:6C
SHA256: 58:57:EA:83:F7:66:45:80:EF:0E:39:8D:60:9C:C4:C8:CF:7A:74:06:07:DE:37:E0:DF:5F:0C:5C:D6:D3:0D:AC
Signature algorithm name: SHA256withRSA
Version: 3
Extensions:
#1: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 1E 5E A8 36 64 31 32 5B 83 9F CF 9F F3 5F F0 17 .^.6d12[....._..
0010: EF 83 12 E5 ....
]
]
#2: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:false
PathLen: undefined
]
#3: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Non_repudiation
Key_Encipherment
Data_Encipherment
Key_CertSign
Crl_Sign
]
Certificate[2]:
Owner: CN=Intermediate Certificate
Issuer: CN=Root
Serial number: 6d5f5d9bb7b110df
Valid from: Mon Nov 09 12:08:34 EET 2015 until: Mon Nov 16 12:08:34 EET 2015
Certificate fingerprints:
MD5: 0A:F1:DD:AC:15:3C:90:8F:A5:BA:72:B9:40:FB:1E:D2
SHA1: 78:DD:64:37:8F:94:F4:A1:F1:5E:80:70:89:18:0A:F4:6B:07:F8:3C
SHA256: DF:04:BB:DD:72:85:E0:CB:83:C6:73:E0:7D:F5:F3:E9:54:4E:D1:32:8C:74:A2:31:AE:BF:7A:FD:FE:29:D3:7D
Signature algorithm name: SHA256withRSA
Version: 3
Extensions:
#1: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 39 C5 42 A1 3D 0F B9 5F C7 EA 32 9C 18 03 63 3D 9.B.=.._..2...c=
0010: 65 0F 30 22 e.0"
]
]
#2: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:false
PathLen: undefined
]
#3: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Non_repudiation
Key_Encipherment
Data_Encipherment
]
Certificate[3]:
Owner: CN=Root
Issuer: CN=Root
Serial number: 2c8b7a0f9a68a4d1
Valid from: Mon Nov 09 12:08:34 EET 2015 until: Mon Nov 16 12:08:34 EET 2015
Certificate fingerprints:
MD5: 37:29:09:F2:E5:98:E1:EC:86:35:4E:A5:7F:54:06:70
SHA1: 59:97:7E:3B:7B:5B:C5:A4:CA:17:92:24:60:EF:CE:4E:34:9D:4D:4A
SHA256: B1:7B:20:EA:09:8E:72:3A:BC:59:54:9C:7B:78:0C:D7:45:D0:3C:90:AB:81:69:78:75:3E:B9:D1:CA:01:6B:D9
Signature algorithm name: SHA256withRSA
Version: 1
*******************************************
*******************************************
But when I try to read them programmatically:
Code:
import java.io.FileInputStream;
import java.security.KeyStore;
import javax.net.ssl.KeyManagerFactory;
// set up a key manager for our local credentials
KeyManagerFactory mgrFact = KeyManagerFactory.getInstance("SunX509");
KeyStore clientStore = KeyStore.getInstance("PKCS12");
try (FileInputStream in = new FileInputStream(CLIENT_NAME + ".p12")) { // close the stream after loading
    clientStore.load(in, CLIENT_PASSWORD); // <== CLIENT STORE CONTAINS NO ENTRIES
}
mgrFact.init(clientStore, CryptographyUtils.CLIENT_PASSWORD);
the client store is not initialized. Why?
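
An added diagnostic, not part of the original post: it loads the file with the same store type and prints the provider that served the PKCS12 request, the entry count, and each alias with its chain, so the result can be compared with the keytool listing above. The class name KeyStoreDump is hypothetical; the default file name and password are the ones from the keytool command.

```java
import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Collections;

// Hypothetical helper class (added example): a programmatic "keytool -list".
public class KeyStoreDump {
    public static void main(String[] args) throws Exception {
        // Defaults mirror the keytool command in the post; override via arguments.
        String path = args.length > 0 ? args[0] : "client.p12";
        char[] password = (args.length > 1 ? args[1] : "clientPassword").toCharArray();

        KeyStore store = KeyStore.getInstance("PKCS12");
        try (FileInputStream in = new FileInputStream(path)) {
            store.load(in, password);
        }

        // keytool reported "Keystore provider: SunJSSE"; compare with the provider used here.
        System.out.println("Type:     " + store.getType());
        System.out.println("Provider: " + store.getProvider().getName());
        System.out.println("Entries:  " + store.size());

        for (String alias : Collections.list(store.aliases())) {
            boolean isKey = store.isKeyEntry(alias);
            System.out.println("Alias: " + alias
                    + (isKey ? " (PrivateKeyEntry)" : " (certificate entry)"));

            // getCertificateChain returns null for entries that carry no key.
            Certificate[] chain = store.getCertificateChain(alias);
            if (chain == null) {
                Certificate single = store.getCertificate(alias);
                chain = single == null ? new Certificate[0] : new Certificate[] { single };
            }
            System.out.println("  Chain length: " + chain.length);
            for (int i = 0; i < chain.length; i++) {
                if (chain[i] instanceof X509Certificate) {
                    X509Certificate x = (X509Certificate) chain[i];
                    System.out.println("  [" + (i + 1) + "] Owner: "
                            + x.getSubjectX500Principal().getName()
                            + ", Issuer: " + x.getIssuerX500Principal().getName());
                }
            }
        }
        if (store.size() == 0) {
            System.out.println("No entries were read from " + path + " by this provider.");
        }
    }
}
```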