Re: ftp ssl cert

From:

bcr666 <bcr666@gmail.com>

Newsgroups:

comp.lang.java.programmer

Date:

Thu, 26 Aug 2010 13:31:09 -0700 (PDT)

Message-ID:

<c03b6a78-b5b0-46a0-9238-226a3ce18942@g17g2000yqe.googlegroups.com>

Here are the methods that you requested.

    private static KeyManager[] getKeyManagers() throws
KeyStoreException, NoSuchAlgorithmException, CertificateException,
FileNotFoundException, IOException, UnrecoverableKeyException {
            KeyStore ks = KeyStore.getInstance("JKS");

    ks.load(new FileInputStream(KEYSTORE_FILE_NAME),
KEYSTORE_PASS.toCharArray());

            KeyManagerFactory tmf =
KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
    tmf.init(ks, KEYSTORE_PASS.toCharArray());

            return tmf.getKeyManagers();
    }

    private static TrustManager[] getTrustManagers() throws
KeyStoreException, NoSuchAlgorithmException, CertificateException,
FileNotFoundException, IOException, UnrecoverableKeyException {
            KeyStore ks = KeyStore.getInstance("JKS");
    ks.load(new FileInputStream(KEYSTORE_FILE_NAME),
KEYSTORE_PASS.toCharArray());

            TrustManagerFactory tmf =
TrustManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
    tmf.init(ks);

            return tmf.getTrustManagers();
    }

If I use the code you gave me how do I use the X509Certificate to
secure the connection?

looks OK to me without knowing what happens at getKeyManagers
and getTrustManagers.

and how to import the
files into a keystore?

If you use BouncyCastle:

PEMReader reader = new PEMReader(new FileInputStream("keycert.txt"));
PrivateKey key = (PrivateKey) reader.readObject();
X509Certificate cert = (X509Certificate) reader.readObject();

It's possible that the reader returns a KeyPair instead of the
private key instance but that should be easy to find out.