The Java Developers Almanac 1.4


Order this book from Amazon.

   
Home > List of Packages > java.security.cert  [9 examples] > Certification Paths  [4 examples]

e230. Listing the Most-Trusted Certificate Authorities (CA) in a Key Store

This example lists the most-trusted CAs in the JDK's cacerts file. The most-trusted CAs are used to validate certification paths.
    try {
        // Load the JDK's cacerts keystore file
        String filename = System.getProperty("java.home")
            + "/lib/security/cacerts".replace('/', File.separatorChar);
        FileInputStream is = new FileInputStream(filename);
        KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
        String password = "changeit";
        keystore.load(is, password.toCharArray());
    
        // This class retrieves the most-trusted CAs from the keystore
        PKIXParameters params = new PKIXParameters(keystore);
    
        // Get the set of trust anchors, which contain the most-trusted CA certificates
        Iterator it = params.getTrustAnchors().iterator();
        for (; it.hasNext(); ) {
            TrustAnchor ta = (TrustAnchor)it.next();
    
            // Get certificate
            X509Certificate cert = ta.getTrustedCert();
        }
    } catch (CertificateException e) {
    } catch (KeyStoreException e) {
    } catch (NoSuchAlgorithmException e) {
    } catch (InvalidAlgorithmParameterException e) {
    } catch (IOException e) {
    }

 Related Examples
e228. Listing All Available Certification Path Validation Algorithms
e229. Creating a Certification Path
e231. Validating a Certification Path

See also: Certificates   


© 2002 Addison-Wesley.