Hi,
In my project I need to pass an SSLContext to an Axis Webservice-Client. This SSLContext should load a KeyStore-Key (client certificate) and use the server's certificate in the trust-store. The client certificate is retrieved from a USB-device.
The keystore object is correctly instantiated and has multiple (3) certificates on it.
I hope I made my point clear enough...
Now I would like to tell the SSLContext to use certificate no. 2 as client certificate. How can I do that? Here's the code snippet so far:
    import java.security.KeyStore;
    import java.security.Provider;
    import java.security.SecureRandom;
    import java.security.Security;
    import java.util.Enumeration;
    import javax.net.ssl.KeyManagerFactory;
    import javax.net.ssl.SSLContext;
    import javax.net.ssl.TrustManagerFactory;

    // declared outside the first try block so the second block can use it
    KeyStore ks = null;
    try {
        String configName = "pkcs11.cfg";
        Provider p = new sun.security.pkcs11.SunPKCS11(configName);
        Security.addProvider(p);
        System.out.println(p.getName() + ", " + p.getVersion()); // this works
        char[] pin = "secret".toCharArray();
        ks = KeyStore.getInstance("PKCS11");
        ks.load(null, pin);
        // testing ks-object if properly loaded
        String alias = null;
        Enumeration<String> al = ks.aliases();
        while (al.hasMoreElements()) {
            alias = al.nextElement();
            System.out.println(alias);
        }
        // so far works - get listed all available certificates from the token
    } catch (Exception ex) {
        System.out.println(ex.getMessage());
        ex.printStackTrace();
    }
    try {
        KeyManagerFactory kmf =
            KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(ks, null); // I set password to null .. because ks object already loaded and think no password required... ?
        TrustManagerFactory tmf =
            TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(ks); // actually the trust-certificate is on the token as well...
        // configure a local SSLContext to use created keystores
        SSLContext sslContext = SSLContext.getInstance("SSL");
        sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), new SecureRandom());
        return sslContext;
    } catch (Exception ex) {
        System.out.println(ex.getMessage());
        ex.printStackTrace();
    }
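
One way to make the SSLContext present a specific key store entry as the client certificate, given as an added example that is not part of the original post: wrap the default key manager so that client alias selection always returns one alias, such as one of those printed by the ks.aliases() loop above. The names FixedAliasKeyManager and contextFor are hypothetical, and the code assumes the JDK's default SunX509 key manager.

```java
import java.net.Socket;
import java.security.*;
import java.security.cert.X509Certificate;
import javax.net.ssl.*;

/** Added example (hypothetical class): pins the TLS client certificate to one key store alias. */
public final class FixedAliasKeyManager extends X509ExtendedKeyManager {
    private final X509KeyManager delegate;
    private final String alias;

    FixedAliasKeyManager(X509KeyManager delegate, String alias) {
        this.delegate = delegate;
        this.alias = alias;
    }

    // Client alias selection for SSLSocket and SSLEngine handshakes: always the pinned alias.
    @Override public String chooseClientAlias(String[] keyTypes, Principal[] issuers, Socket s) { return alias; }
    @Override public String chooseEngineClientAlias(String[] keyTypes, Principal[] issuers, SSLEngine e) { return alias; }

    // Everything else is answered by the default key manager built from the key store.
    @Override public String[] getClientAliases(String t, Principal[] i) { return delegate.getClientAliases(t, i); }
    @Override public String[] getServerAliases(String t, Principal[] i) { return delegate.getServerAliases(t, i); }
    @Override public String chooseServerAlias(String t, Principal[] i, Socket s) { return delegate.chooseServerAlias(t, i, s); }
    @Override public X509Certificate[] getCertificateChain(String a) { return delegate.getCertificateChain(a); }
    @Override public PrivateKey getPrivateKey(String a) { return delegate.getPrivateKey(a); }

    /** keys: an already loaded key store; trust: the store holding the server's certificate. */
    public static SSLContext contextFor(KeyStore keys, char[] keyPassword, KeyStore trust, String alias)
            throws GeneralSecurityException {
        // Fail early on a wrong alias instead of silently sending no client certificate.
        if (!keys.isKeyEntry(alias)) {
            throw new KeyStoreException("No private key entry for alias: " + alias);
        }
        // Assumption: the default algorithm is SunX509, whose aliases are the key store aliases.
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(keys, keyPassword);
        KeyManager[] kms = kmf.getKeyManagers();
        for (int i = 0; i < kms.length; i++) {
            if (kms[i] instanceof X509KeyManager) {
                kms[i] = new FixedAliasKeyManager((X509KeyManager) kms[i], alias);
            }
        }
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trust);
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(kms, tmf.getTrustManagers(), null); // null: use the default SecureRandom
        return ctx;
    }
}
```

The pinned alias is offered regardless of the key types and issuers the server requests, so the handshake fails if that certificate does not satisfy the server's request.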