I have a list of X509 CRL’s. I need to identify some of them somehow. Right now I do it using issuer: But there’s gotta be a better way to do that using knowledge of CRL file format, maybe with comparing public keys or something like that, but I don’t know much about X509CRL’s. Can som…
Tag: certificate
How to generate self-signed certificate in Java with JDK17
tl,dr; Is there a native Java17 solution to generate self-signed certificate, either via standard library (very unlikely) or some slim, lightweight library? There is a similar question (Access `sun.security.x509` in JDK 11 without modules?, asked by me) because starting with JDK11 access to internal JDK packa…
How can i reverse my android studio to escape this PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException:..?
I recently updated my flutter version to 2.0.0 and it worked fine on iOS after updating the pub packages versions to the latest. It unfortunately didn’t work on Android and i thought of updating the Android studio. Since then I have been getting certificate errors and I have tried the following, specifi…
Decrypt file using .pfx certificate in Java
I have an .pfx file and a password for the file. I would like to decrypt a RSA encrypted file using Java. Basically the same approach like here (c#), but in java: https://stackoverflow.com/a/37894914/13329087 is this possible? my approach so far: this produces an Error: Answer Unfortunately you didn’t p…
How do I use client certificates in a client java application?
This is a topic that has taken me quite some time to figure out. There are bits and pieces of information scattered and one has to put everything together. I was hoping that with this post I could help others quickly assemble a working solution. I have a client-cert.pem, client-key.pem and a root.pem files an…
TLS with client certificate failing handshake
I am confused as to where exactly I need to include client certificate. Now, my first issue is that I don’t trust the server. I tried using default Java keystore file (cacerts) which has both Thawte and Digicert in it, and those are the root authorities of the server I’m trying to communicate with…
Set JRE to use Windows trust store, specifically the user’s trust store
Summary: Java option -Djavax.net.ssl.trustStoreType=WINDOWS-ROOT allows Java to use the Windows trust store for the computer account. What option allows it to use the Windows trust store for the user account? We have a Java application that we run on our Windows clients. The application gets data from various…
Read/Write Certificate Signing Request on Android (spongycastle)
I try to write code on Android to generate RSA key-pair and then generate Certificate Request file (.csr) like this image below: First I use spongycastle lib to generate Key Pair (public key and private key) Then I use CSRHelper class I found on this link to generate: byte CSRder[]: I write code to write byte…
keytool error: java.io.IOException: keystore password was incorrect
Created a Certificate for Tomcat, trying to get it installed in new keystore, and getting error (Edit: ran it with -v option, now getting more info): Sadly, it’s correct, the passphrase has two “®”. So, given what I’ve done (the private key has the non-ASCII password), how much of a pa…
Import Windows certificates to Java
I have a java server that is trying to connect to an external Ldap server through SSL (as a client in order to perform queries). I’m having trouble connecting since the certificate they send me upon connecting is trusted only in my local windows Truststore but is not present in java truststore (cacerts)…