如何获得Java中受信任的根证书的列表?
我希望能够以编程方式在Java应用程序中访问所有受信任的根证书。
我当时在看密钥库接口,但我希望获得JRE隐式的受信任根列表。
这可以在任何地方访问吗?
回答:
有一个示例显示了如何获取一组根证书,并通过它们进行遍历,这称为在密钥存储区中列出最受信任的证书颁发机构(CA)。这是经过稍微修改的版本,可打印出每个证书(在Windows
Vista上测试)。
import java.io.File;import java.io.FileInputStream;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.PKIXParameters;
import java.security.cert.TrustAnchor;
import java.security.cert.X509Certificate;
import java.util.Iterator;
public class Main {
public static void main(String[] args) {
try {
// Load the JDK's cacerts keystore file
String filename = System.getProperty("java.home") + "/lib/security/cacerts".replace('/', File.separatorChar);
FileInputStream is = new FileInputStream(filename);
KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
String password = "changeit";
keystore.load(is, password.toCharArray());
// This class retrieves the most-trusted CAs from the keystore
PKIXParameters params = new PKIXParameters(keystore);
// Get the set of trust anchors, which contain the most-trusted CA certificates
Iterator it = params.getTrustAnchors().iterator();
while( it.hasNext() ) {
TrustAnchor ta = (TrustAnchor)it.next();
// Get certificate
X509Certificate cert = ta.getTrustedCert();
System.out.println(cert);
}
} catch (CertificateException e) {
} catch (KeyStoreException e) {
} catch (NoSuchAlgorithmException e) {
} catch (InvalidAlgorithmParameterException e) {
} catch (IOException e) {
}
}
}
以上是 如何获得Java中受信任的根证书的列表? 的全部内容, 来源链接: utcz.com/qa/423087.html
