Reputation: 3064
I came across this Java snippet as part of creating an SSLContext. I am wondering about the init call, where a keyPass is specified. What if the KeyStore contains multiple certificates with different aliases and different passwords?
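```scala
import java.security.{KeyStore, SecureRandom}
import javax.net.ssl.{KeyManagerFactory, SSLContext}

val keyStore = KeyStore.getInstance("jks")
keyStore.load(inputStream, "storePass".toCharArray) // load() takes the store password as Array[Char]
val keyManagerFactory = KeyManagerFactory.getInstance("SunX509")
keyManagerFactory.init(keyStore, keyPass) // keyPass? (one Array[Char] for the whole store)
val keyManagers = keyManagerFactory.getKeyManagers
val sslContext = SSLContext.getInstance("TLS")
sslContext.init(keyManagers, null, new SecureRandom)
```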
How would you rewrite the code if keyStore contained cert1 (alias: one, pwd: foo) and cert2 (alias: two, pwd: bar)? Maybe I misunderstood a thing or two :)
Upvotes: 2
Views: 3836
Reputation: 14044
After double checking the documentation, and doing a bit of googling, it seems like maintaining multiple keystores and wrapping them in a bespoke composite keymanager could work, as the author of this blog post is doing.
Upvotes: 2