FAQ Database Discussion Community


Validating certificate chain in Java from truststore

java,ssl,x509certificate,keystore,truststore
I have a certificate chain as der encoded byte[][] array to verify. I also have a truststore file. After I create X509Certificate[] from that byte array[][] and initializing trustmanager, how will I tell to TrustManager to verify that X509Certificate[]? What is the proper way to do it? Thanks. Sample code:...

Spring MVC : Using User password to create a Java keystore, and access keys later

java,spring-mvc,encryption,spring-security,keystore
I am working on a Spring-MVC application in which there is a Person class for whom I am storing the password in database with BCrypt format. Now, I would like to create a Java keystore using MD5 sum of the user's plaintext password. But because I don't know how...

Couldn't execute postMethod: Javax.net.ssl.SslException: Revoked by CRL

java,ssl,https,keystore
I have a POST method: PostMethod post = new PostMethod(myPostUrl); Then I execute the PostMethod: httpClient.executeMethod(post); When I try to execute it, I get an exception such as: javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Revoked by CRL (cached response) What causes this?...

Why use debug.keystore?

android,keystore
I know the difference between a release keystore and the default debug.keystore, but why use the debug.keystore at all? It is said debug.keystore is used during development but I don't see any advantages of that, only disadvantages. When integrating stuff like Facebook and Google Maps you need to generate a...

LDAP Access - javax.naming.CommunicationException: simple bind failed

java,ldap,ssl-certificate,keystore
We are running into issues connecting LDAP server after LDAP SHA-256 Migration .We got the below exception when we ran our application in debug mode : javax.naming.CommunicationException: simple bind failed: xxxamd.xxx.com:636 [Root exception is java.net.SocketException: Socket is closed]‚Äč We tried to add the below .cer files into our application specific...

Updating an Android app with original keystore but different project

android,keystore
Recently my computer crashed and I was only able to recover the keystore and apk of one of my Android apps (already published). Would it be possible to make an update to this app by creating a new project (the original one was lost) and using the original keystore? If...

Mule HTTPS Listener won't respond

ssl,mule,keystore
I have trouble with the HTTPS setup in Mule. I have tried both at work and at home with fresh Anypoint Installs. I have checked every StackOverflow posts every tutorial every blogposts but nothing is doing it. I have also tried EE and CE runtimes. I am using the lastest...

Java keystore maintenance utilities [closed]

java,ssl,encryption,keystore
We are using the below line in our shell script file : Djavax.net.ssl.trustStore="/proj/xxx/www/cgi-bin/xxx_cacerts The xxx_cacerts file contains SSL certificate information. As we are about to upgrade we tried changing that file as per the latest one given in our organization. For this we need to know what is "Java keystore...

Store a key or password securely locally on android

java,android,security,keystore,password-encryption
I'm making an android application and currently, I have my server username and password written as constants in my code (which is not very secure). I have researched online but I couldn't really find something that would completely secure the password from the user or at least prevent from hackers....

CXF: Can I refer in-memory keystore for signing?

cxf,keystore
We use CXF 3 and we use WSS4J Crypto to provide keys to sing SOAP message. I wonder is it is possible to use in-memory KeyStore to store those keys (I know it is possible to use in-memory KeyStore for SSL certificates). I know that it is possible to refer...

javax.net.ssl.SSLHandshakeException: Received fatal alert: unknown_ca

java,ssl,keystore,self-signed,truststore
I have to connect to a server via SSL dual authentication. I have added my own private key plus certificate to a keystore.jks and the self signed certificate of the server to a truststore.jks, both files are copied to /usr/share/tomcat7. The socket factory used by my code is delivered by...

Managing Android keystores [closed]

android,keystore
How should Android keystores be managed? Is it okay to store all keys for all your apps in one keystore or should you have one keystore per app? Is there any point in using version control for your keystores?

How does Tomcat handle multiple SSL certs in the keystore?

java,tomcat,ssl,https,keystore
We have an architecture where several Java 7 Tomcat apps communicate with a special web service (also a Tomcat app living on a different VM) over HTTPS. Newer SHA-2 based SSL certs are not natively trusted by many Java 7 JREs. So one solution is to upgrade the Java 7...

SSL Client authentication, but no server authentication?

java,ssl,rmi,keystore
Is it possible to disable server authentication by the client when using rmi over ssl? But I do want to keep using client authentication (setNeedClientAuth(true) on sslserversocket) on the server. Let me explain: I have a client which connects to a server over ssl rmi. Only specific clients with a...

Openfire SSL certificat

ssl,ssl-certificate,keystore,openfire
I have an openfire server on centOS 7 and i want to install my wildcard certificate. After importing certificate to keystore and tested it using keytool -list -v -keystore keystore -alias chat.example.com Everything looks good, i get certificate provider, CN,OU, algorithms etc. In my Web admin panel i set ServerName...

How to store symmetric secret key in Java PKCS12 keystore

cryptography,keystore,pkcs#12
I need a secure store for symmetric keys that works for both .NET and Java. I need to be able to store and retrieve HmacSha* keys from the same store in both languages, programmatically, not via command line tools. My first attempt at this was generating and storing a key...

Self-signed Certificate and Client Keystore for SSL Authentication

java,ssl,certificate,keystore,keytool
I need to create and install a self-signed certificate on the server (an XML hardware appliance) to do SSL authentication of a Java client/application which, through its interface configuration, can set keystores, i.e. .jks. I only need this setup for testing purposes and not production, for obvious reasons. Here's how...

same alias different key OK between keystore and cacerts? Or, how to export/import key between keystore/cacerts?

java,certificate,keystore
On Linux Centos system with java 1.7, is it OK to use a key with alias xyz123 in keystore.jks and a different key with the same alias in cacerts.jks? Or, will something break? I deleted key with alias 'xyz123' (because it was 1024 bits) in keystore.jks file, then created a...

Instaling updated SSL Certificates breaks Java web integration?

java,wcf,ssl,https,keystore
We have a .Net WCF service hosted on a Windows 2013 server. The SSL certificate for the service which is exposed via HTTPS was nearing expiration. An updated certificate was generated and applied to the server. All of our .Net client applications continued to function as normal, but our Java-based...

Multiple Keystores vs Multiple Keys and export/import of keys

java,android,code-signing,keystore,privatekey
I'm developing multiple Android applications for various clients. I manage the complete lifecycle of development for my clients which includes development and publishing to Google Play. I'm concerned about how I should sign the applications I make for my clients. Right now, I have 1 keystore, and for each client,...

Loading a PKCS-12 keystore in AEM 6.0

cq5,keystore,saml,aem
I am trying to move my SAML integration code from a CQ 5.6.1 environment to AEM 6.0. While my login works correctly, I'm stuck at the logout implementation. The same snippet of code runs on 5.6.1, but throws an I.O Exception in AEM 6.0 Here's the code in question Node...

Lost my keystore, only have SHA1 from it

android,google-play,keystore,android-keystore
I have accidentally deleted my keystore file and now I can't update my apps in Google Play, I only have the SHA1 Fingerprint from it, and I want to know if there is a way to create a new keystore and insert that SHA1 code there, so I can use...