How to acess jvm default KeyStore?
Solution 1
There should be enough example code in the KeyStore Javadocs page to get you started:
As for the 'default' keystore - I'm not sure such a thing exists, normally you either load it explicitly from a file, or you can configure it using the following system properties:
- javax.net.ssl.keyStore - Keystore location
- javax.net.ssl.keyStorePassword - Keystore password
- javax.net.ssl.keyStoreType - Keystore type (JKS, P12 etc)
And similar for the trust store:
- javax.net.ssl.trustStore
- javax.net.ssl.trustStorePassword
- javax.net.ssl.trustStoreType
Solution 2
There is no default keystore in Java. This is documented in the customization section of the JSSE Reference Guide.
The default trust store is:
jssecacerts, if it exists. Otherwise, cacerts
However, it doesn't mean that these are the stores used by the default SSLContext
, since it's also possible to change the default SSLContext
(since Java 6) with one that would have been initialised with custom trust managers. (See this answer for more details).
bhavesh1988
Updated on July 20, 2022Comments
-
bhavesh1988 almost 2 years
I want to use java key store to save keys and certificates. can anybody share some code to help me with this?
-
Bruno about 9 yearsDownvoters should try to understand the difference between keystore and truststore first, and read the table in the official documentation (first link).
-
mjaggard over 5 yearsSo is the only way to get hold of the JVM default keystore (ie. the one specified using javax.net.ssl.keyStore etc.) to read those system properties yourself and construct one or can you programatically get hold of it without that extra work?
-
Chris White over 5 yearsTo my knowledge yes
-
Brut3e almost 4 yearsAs mentioned by Bruno in the answer below, in JSSE Reference Guide, there's no default Keystore (or as some people call it Identity Store) for Java. There's a default truststore though: jssecacers, if it exists. Otherwise cacerts in ..jre/lib/security/
-
gagarwa over 3 yearsCan you configure the keystore properties using
javax.net.ssl.keyStore
? Will that be used by the defaultSSLContext
? Asking for stackoverflow.com/questions/63719397/….