Dynamically reloading certificate truststore?
843811 Apr 19 2002 — edited Apr 29 2002
Hello,
I'm working on an application that relies on accessing servers with untrusted certificates.
Here's how I deal with the situation:
1. I programmatically load the server certificates in my client keystore.
2. I set the javax.net.ssl.trustStore system property to use my keystore as a truststore.
3. I can now access the servers since their certificates are trusted.
In my program, the FIRST time I attempt an SSL connection with any server, all the existing truststore certificates are loaded into memory. Now, if I load a new server's certificate into my keystore file, it is not recognized if I try to access the server from the SAME program instance. It appears that the program validates only against the certificates that are in memory. So the connection fails.
Is there any API to dynamically reload the new, or all truststore certificates into memory every time I add a new certificate to my keystore?
Thanks,
Pranav