Name
KeyStore
Synopsis
This
class
represents a mapping of names, or aliases, to Key
and java.security.cert.Certificate objects. Obtain
a KeyStore object by calling one of the static
getInstance( ) methods, specifying the desired key
store type and, optionally, the desired provider. Use
"JKS” to specify the
“Java Key Store” type defined by
Sun. Because of U.S. export regulations, this default
KeyStore supports only weak encryption of private
keys. If you have the Java Cryptography Extension installed, use the
type "JCEKS” and
provider “SunJCE” to obtain a
KeyStore implementation that offers much stronger
password-based encryption of keys. Once you have created a
KeyStore, use load( ) to read
its contents from a stream, supplying an optional password that
verifies the integrity of the stream data. Keystores are typically
read from a file named .keystore in the
user’s home directory.
The KeyStore API
has been substantially enhanced in Java 5.0. We describe pre-5.0
methods first, and then cover Java 5.0 enhancements below. A
KeyStore may contain both public and private key
entries. A public key entry is represented by a
Certificate object. Use getCertificate(
) to look up a named public key certificate and
setCertificateEntry( ) to add a new public key
certificate to the keystore. A private key entry in the keystore
contains both a password-protected Key and an
array of Certificate objects that represent the certificate chain for the public key that corresponds to the private key. ...
Get Java in a Nutshell, 5th Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
