将受信任的证书导入到现有的

将受信任的证书导入到现有的

关注
发信
关注(28)粉丝(399)

java - 如何以编程方式将受信任的证书导入到现有的 keystore 中?

我需要将受信任的证书导入到现有的密钥库中,这是我的代码,但是它向我抛出EOFException,这可能是什么问题?

public void importTrustedCertificate( String alias, byte [] trustedCertificate )
        throws Exception
    {
        KeyStore keyStore = KeyStore.getInstance( "JKS" );
        FileInputStream fileInputStream = new FileInputStream( "keystore" + File.separator + "ClientRegistrarKeyStore.jks" );
        FileOutputStream fileOutputStream = new FileOutputStream( "keystore" + File.separator + "ClientRegistrarKeyStore.jks" );

        keyStore.load( fileInputStream, "keystore".toCharArray() );
        keyStore.setCertificateEntry( alias, new X509Certificate( trustedCertificate ) );

        keyStore.store( fileOutputStream, "keystore".toCharArray() );
        fileInputStream.close();
        fileOutputStream.close();

        return;
    }


错误:

Exception in thread "main" java.io.EOFException
    at java.io.DataInputStream.readInt(DataInputStream.java:375)
    at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:628)
    at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:38)
    at java.security.KeyStore.load(KeyStore.java:1185)
    at com.netrust.passportverification.clientregistrar.setup.IniFileGenerator.importTrustedCertificate(IniFileGenerator.java:107)
    at com.netrust.passportverification.clientregistrar.setup.IniFileGenerator.processZipFile(IniFileGenerator.java:165)
    at com.netrust.passportverification.clientregistrar.setup.IniFileGenerator.main(IniFileGenerator.java:180)

Java Result: 1

最佳答案

您确定此位置的文件不为空吗? keytool可以列出其内容吗?这个EOFException看起来并不特定于密钥库,但是您似乎试图从中加载的初始文件比应该的短。

此外,您的FileInputStreamFileOutputStream引用相同的文件。我建议在写另一本书之前先关闭您阅读的书,以免发生冲突:

FileInputStream fileInputStream = new FileInputStream( "keystore" + File.separator + "ClientRegistrarKeyStore.jks" );
keyStore.load( fileInputStream, "keystore".toCharArray() );
fileInputStream.close();
keyStore.setCertificateEntry( alias, new X509Certificate( trustedCertificate ) );

FileOutputStream fileOutputStream = new FileOutputStream( "keystore" + File.separator + "ClientRegistrarKeyStore.jks" );
keyStore.store( fileOutputStream, "keystore".toCharArray() );
fileOutputStream.close();

关于java - 如何以编程方式将受信任的证书导入到现有的 keystore 中?,我们在Stack Overflow上找到一个类似的问题:https://stackoverflow.com/questions/8415267/

10-12 20:14
Powered by LMLPHP ©2024 将受信任的证书导入到现有的 0.039488