Read client certs from Swing application started via Java WebStart
953832 Aug 3 2012 — edited Aug 4 2012
I have a Java Webstart application that runs mostly on Windows. The application is launched from a two-way authenticated SSL site. From the site, I know who the user is via a DN stored in their certificate.
The problem I'm running into is once I launch the Web Start Application. The webstart application talks over JMS to several servers. I need to sign each message from the client with the user's cert and then verify the signature at the server.
On the server, I can query an enterprise LDAP server to fetch all users' public keys to verify signatures. So, that's no problem.
My question is: how do I access the user's certificate from the Java Web Start app to sign outbound messages? I tried an example using MSCAPI like this: KeyStore.getInstance("Windows-MY"). This seems to work on XP 32-bit but not Windows 7 64-bit.
I've thought about passing the user's DN to the Web Start through a parameter in a run-time generated JNLP. That will at least let me know which key I should be looking for in their certificate store.
Thanks for any advice......
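
The flow described in the question (select the user's key in the Windows certificate store by DN, sign a message, verify it with the public key), as an added example that is not part of the original post. It assumes a Windows JRE with the SunMSCAPI provider, an RSA key, and the DN passed as the first program argument; the class and method names are hypothetical.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Collections;
import javax.security.auth.x500.X500Principal;

public class ClientSigner {
    // Alias of the first private-key entry whose certificate subject equals dn, else null.
    static String findAlias(KeyStore ks, X500Principal dn) throws KeyStoreException {
        for (String alias : Collections.list(ks.aliases())) {
            Certificate c = ks.getCertificate(alias);
            if (ks.isKeyEntry(alias) && c instanceof X509Certificate
                    && ((X509Certificate) c).getSubjectX500Principal().equals(dn)) {
                return alias;
            }
        }
        return null;
    }

    // Assumes an RSA key; the provider is chosen when the key is supplied.
    static byte[] sign(PrivateKey key, byte[] msg) throws GeneralSecurityException {
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initSign(key);
        s.update(msg);
        return s.sign();
    }

    // Server side: pub should come from the LDAP directory, not from the message.
    static boolean verify(PublicKey pub, byte[] msg, byte[] sig) throws GeneralSecurityException {
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initVerify(pub);
        s.update(msg);
        return s.verify(sig);
    }

    public static void main(String[] args) throws Exception {
        KeyStore ks = KeyStore.getInstance("Windows-MY"); // current user's store (SunMSCAPI)
        ks.load(null, null);                               // no stream or password for this store type
        X500Principal dn = new X500Principal(args[0]);     // DN handed over as a JNLP argument (assumption)
        String alias = findAlias(ks, dn);
        if (alias == null) throw new KeyStoreException("no key entry for " + dn);
        PrivateKey key = (PrivateKey) ks.getKey(alias, null); // handle to the key; it stays in the Windows store
        byte[] msg = "constructed sample JMS payload".getBytes(StandardCharsets.UTF_8);
        byte[] sig = sign(key, msg);
        // Local self-check only; here the public key is read from the same store entry.
        System.out.println(verify(ks.getCertificate(alias).getPublicKey(), msg, sig));
    }
}
```

A DN passed through the JNLP only selects which store entry to use; the server-side signature check against the LDAP-held public key is what ties a message to the user.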