What is SunX509 used for and can it work with parties using IbmX509?
14,179
I read that this is called the "certificate encoding algorithm".
No it isn't. It is a key manager algorithm that defines both a provider and a content type, in this case "Sun" or "IBM" and X.509. Basically it is a keystore type.
Anyway the best solution is not to use either. Just use
KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
The KeyManager
and KeyManagerFactory
just deal with the local keystore/truststore. The peer doesn't care about that, only about the certificates that are in them, and that only indirectly.
Author by
daramasala
For a long time I was deep into Java server side stuff. Recently I moved to Azure-Xamarin projects with C#.
Updated on June 12, 2022Comments
-
daramasala almost 2 years
When I manually create a
KeyManager
, one of the steps is this:KeyManagerFactory.getInstance("SunX509")
This does not work on IBM jre where I need to specify "IbmX509".
My questions:- I read that this is called the "certificate encoding algorithm". What does that mean? When is it used?
- What happens when the client is using the IBM algorithm and the server is using the Sun algorithm?
Thanks,
Doron -
daramasala about 12 yearsThanks for the answer. Why would someone ever want to change this - i.e. why is it a parameter?
-
user207421 about 12 years@DoronTohar PCKS#11 for one reason.
-
daramasala about 12 yearsThanks again, you've been very helpful