GoogleCodeExporter
commented
9 years ago Can you provide the code sample you used to obtain the chain please?Original comment by da...@grant.org.uk on 11 Sep 2012 at 3:06
Open GoogleCodeExporter opened 9 years ago
GoogleCodeExporter
commented
9 years ago Can you provide the code sample you used to obtain the chain please?Original comment by da...@grant.org.uk on 11 Sep 2012 at 3:06
GoogleCodeExporter
commented
9 years ago // Convert the store to a certificate chain
CertStore store = response.getCertStore();
Collection<? extends Certificate> certs = store
.getCertificates(null);
Certificate[] chain = new Certificate[certs.size()];
int i = 0;
for (Certificate certificate : certs) {
chain[i++] = certificate;
// Create a new P12 keystore
ArrayUtils.reverse(chain);
KeyStore entityStore2 = KeyStore.getInstance("PKCS12", "BC");
entityStore2.load(null, null);
entityStore2.setKeyEntry("Open SSL Test", priv, "secret".toCharArray(), chain);
entityStore2.store(new ByteArrayOutputStream(),
"secret".toCharArray());
// Write the Keystore to a File
java.io.FileOutputStream fos2 =
new java.io.FileOutputStream("KeyStore.p12");
entityStore2.store(fos2, pw);
fos.close();Original comment by carl.bou...@gmail.com on 11 Sep 2012 at 3:22
GoogleCodeExporter
commented
9 years ago ThanksOriginal comment by da...@grant.org.uk on 11 Sep 2012 at 3:24
GoogleCodeExporter
commented
9 years ago FYI,
According to the OpenSSL PKCS#12 FAQ, certificates should not be expected to be
in any particular order.
"""
Q. What order do the certificates and keys appear in the output file?
A. They appear in the order they appear in the input file. You can dump just
user certificates or CA certificates with the clcerts and cacerts options
respectively.
"""
Source:
http://www.drh-consultancy.demon.co.uk/pkcs12faq.htmlOriginal comment by ponti...@gmail.com on 3 Mar 2013 at 6:13
Original issue reported on code.google.com by
carl.bou...@gmail.comon 11 Sep 2012 at 3:03