java.security.KeyStore.getCertificateChain()方法的使用及代码示例

x33g5p2x  于2022-01-23 转载在 其他  
字(7.9k)|赞(0)|评价(0)|浏览(220)

本文整理了Java中java.security.KeyStore.getCertificateChain()方法的一些代码示例,展示了KeyStore.getCertificateChain()的具体用法。这些代码示例主要来源于Github/Stackoverflow/Maven等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。KeyStore.getCertificateChain()方法的具体详情如下:
包路径:java.security.KeyStore
类名称:KeyStore
方法名:getCertificateChain

KeyStore.getCertificateChain介绍

[英]Returns the certificate chain for the entry with the given alias.
[中]返回具有给定别名的项的证书链。

代码示例

代码示例来源:origin: wildfly/wildfly

public Certificate[] engineGetCertificateChain(final String alias) {
  try {
    return delegate.getCertificateChain(alias);
  } catch (KeyStoreException e) {
    return null;
  }
}

代码示例来源:origin: wildfly/wildfly

@Override
public Certificate[] engineGetCertificateChain(String alias) {
  try {
    return getKeyStore().getCertificateChain(alias);
  } catch (KeyStoreException e) {
    throw new IllegalStateException(e);
  }
}

代码示例来源:origin: oracle/helidon

static List<X509Certificate> loadCertChain(KeyStore keyStore, String certAlias) {
  try {
    Certificate[] certificates = keyStore.getCertificateChain(certAlias);
    if (null == certificates) {
      throw new PkiException("There is no X.509 certificate chain under alias " + certAlias);
    }
    return Stream.of(certificates).map(it -> (X509Certificate) it).collect(Collectors.toList());
  } catch (KeyStoreException e) {
    throw new PkiException("Failed to load certificate under alias " + certAlias, e);
  }
}

代码示例来源:origin: gocd/gocd

public boolean hasCertificates(String friendlyName, File storeFile, String passwd) {
  try {
    KeyStore keyStore = loadOrEmpty(storeFile, passwd);
    bombIfNull(keyStore, "Store not yet initialized");
    return keyStore.getCertificateChain(friendlyName) != null;
  } catch (Exception e) {
    return false;
  }
}

代码示例来源:origin: atomix/atomix

private void logKeyStore(KeyStore ks, String ksLocation, char[] ksPwd) {
 if (log.isInfoEnabled()) {
  log.info("Loaded cluster key store from: {}", ksLocation);
  try {
   for (Enumeration<String> e = ks.aliases(); e.hasMoreElements();) {
    String alias = e.nextElement();
    Key key = ks.getKey(alias, ksPwd);
    Certificate[] certs = ks.getCertificateChain(alias);
    log.debug("{} -> {}", alias, certs);
    final byte[] encodedKey;
    if (certs != null && certs.length > 0) {
     encodedKey = certs[0].getEncoded();
    } else {
     log.info("Could not find cert chain for {}, using fingerprint of key instead...", alias);
     encodedKey = key.getEncoded();
    }
    // Compute the certificate's fingerprint (use the key if certificate cannot be found)
    MessageDigest digest = MessageDigest.getInstance("SHA1");
    digest.update(encodedKey);
    StringJoiner fingerprint = new StringJoiner(":");
    for (byte b : digest.digest()) {
     fingerprint.add(String.format("%02X", b));
    }
    log.info("{} -> {}", alias, fingerprint);
   }
  } catch (Exception e) {
   log.warn("Unable to print contents of key store: {}", ksLocation, e);
  }
 }
}

代码示例来源:origin: eclipse-vertx/vert.x

if (!domains.isEmpty()) {
 PrivateKey key = (PrivateKey) ks.getKey(alias, password != null ? password.toCharArray() : null);
 Certificate[] tmp = ks.getCertificateChain(alias);
 if (tmp == null) {

代码示例来源:origin: andsel/moquette

/**
 * The OpenSSL provider does not support the {@link KeyManagerFactory}, so we have to lookup the integration
 * certificate and key in order to provide it to OpenSSL.
 * <p>
 * TODO: SNI is currently not supported, we use only the first found private key.
 */
private static SslContextBuilder builderWithOpenSSLProvider(KeyStore ks, String keyPassword)
    throws GeneralSecurityException {
  for (String alias : Collections.list(ks.aliases())) {
    if (ks.entryInstanceOf(alias, KeyStore.PrivateKeyEntry.class)) {
      PrivateKey key = (PrivateKey) ks.getKey(alias, keyPassword.toCharArray());
      Certificate[] chain = ks.getCertificateChain(alias);
      X509Certificate[] certChain = new X509Certificate[chain.length];
      System.arraycopy(chain, 0, certChain, 0, chain.length);
      return SslContextBuilder.forServer(key, certChain);
    }
  }
  throw new KeyManagementException("the SSL key-store does not contain a private key");
}

代码示例来源:origin: geoserver/geoserver

entry =
      new KeyStore.PrivateKeyEntry(
          (PrivateKey) key, oldKS.getCertificateChain(alias));
if (key instanceof PublicKey)
  entry = new KeyStore.TrustedCertificateEntry(oldKS.getCertificate(alias));

代码示例来源:origin: JZ-Darkal/AndroidHttpCapture

public void initializeServerCertificates(String commonName,
    SubjectAlternativeNameHolder subjectAlternativeNames)
    throws GeneralSecurityException, OperatorCreationException,
    IOException {
  KeyStore ks = CertificateHelper.createServerCertificate(commonName,
      subjectAlternativeNames, authority, caCert, caPrivKey);
  PrivateKey key = (PrivateKey) ks.getKey(authority.alias(),
      authority.password());
  exportPem(authority.aliasFile("-" + commonName + "-key.pem"), key);
  Object[] certs = ks.getCertificateChain(authority.alias());
  exportPem(authority.aliasFile("-" + commonName + "-cert.pem"), certs);
}

代码示例来源:origin: commons-net/commons-net

ClientKeyStore(KeyStore ks, String keyAlias, String keyPass) throws GeneralSecurityException
{
  this.keyAlias = keyAlias;
  this.key = (PrivateKey) ks.getKey(this.keyAlias, keyPass.toCharArray());
  Certificate[] certs = ks.getCertificateChain(this.keyAlias);
  X509Certificate[] X509certs = new X509Certificate[certs.length];
  for (int i=0; i < certs.length; i++) {
    X509certs[i] = (X509Certificate) certs[i];
  }
  this.certChain = X509certs;
}

代码示例来源:origin: i2p/i2p.i2p

/** 
 *  Export the private key and certificate chain (if any) out of a keystore.
 *  Does NOT close the output stream. Throws on all errors.
 *
 *  @param ks path to the keystore
 *  @param ksPW the keystore password, may be null
 *  @param alias the name of the key
 *  @param keyPW the key password, must be at least 6 characters
 *  @since 0.9.25
 */
public static void exportPrivateKey(File ks, String ksPW, String alias, String keyPW,
                  OutputStream out)
             throws GeneralSecurityException, IOException {
  InputStream fis = null;
  try {
    KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
    fis = new FileInputStream(ks);
    char[] pwchars = ksPW != null ? ksPW.toCharArray() : null;
    keyStore.load(fis, pwchars);
    char[] keypwchars = keyPW.toCharArray();
    PrivateKey pk = (PrivateKey) keyStore.getKey(alias, keypwchars);
    if (pk == null)
      throw new GeneralSecurityException("private key not found: " + alias);
    Certificate[] certs = keyStore.getCertificateChain(alias);
    CertUtil.exportPrivateKey(pk, certs, out);
  } finally {
    if (fis != null) try { fis.close(); } catch (IOException ioe) {}
  }
}

代码示例来源:origin: i2p/i2p.i2p

if (pk == null)
  throw new GeneralSecurityException("private key not found: " + alias);
Certificate[] certs = keyStore.getCertificateChain(alias);
if (certs.length != 1)
  throw new GeneralSecurityException("Bad cert chain length");

代码示例来源:origin: psi-probe/psi-probe

Certificate[] certificateChains = keyStore.getCertificateChain(alias);

代码示例来源:origin: io.vertx/vertx-core

if (!domains.isEmpty()) {
 PrivateKey key = (PrivateKey) ks.getKey(alias, password != null ? password.toCharArray() : null);
 Certificate[] tmp = ks.getCertificateChain(alias);
 if (tmp == null) {

代码示例来源:origin: apache/pdfbox

Certificate[] certChain = keystore.getCertificateChain(alias);
if (certChain == null)

代码示例来源:origin: org.eclipse.jetty/jetty-util

certChain = keyStore.getCertificateChain(certAlias);
if (certChain == null || certChain.length == 0)

代码示例来源:origin: google/bundletool

private static SigningConfiguration readSigningConfigFromLoadedKeyStore(
   KeyStore keystore, String keyAlias, char[] keyPassword)
   throws NoSuchAlgorithmException, KeyStoreException, UnrecoverableKeyException {
  PrivateKey privateKey = (PrivateKey) keystore.getKey(keyAlias, keyPassword);
  Certificate[] certChain = keystore.getCertificateChain(keyAlias);
  if (certChain == null) {
   throw CommandExecutionException.builder()
     .withMessage("No key found with alias '%s' in keystore.", keyAlias)
     .build();
  }

  ImmutableList<X509Certificate> certificates =
    Arrays.stream(certChain).map(c -> (X509Certificate) c).collect(toImmutableList());

  return SigningConfiguration.builder()
    .setPrivateKey(privateKey)
    .setCertificates(certificates)
    .build();
 }
}

代码示例来源:origin: sscarduzio/elasticsearch-readonlyrest-plugin

Certificate[] cchain = ks.getCertificateChain(sslKeyAlias);

代码示例来源:origin: stackoverflow.com

Certificate[] certchain = (Certificate[]) keystore.getCertificateChain(KEY_ALIAS_IN_KEYSTORE);

代码示例来源:origin: i2p/i2p.i2p

Certificate[] cs;
try {
  cs = ks.getCertificateChain(alias);
} catch (KeyStoreException kse) {
  error("Unable to check certificates for \"" + alias + "\" in key store " + location, kse);

相关文章