Setting multiple truststore on the same JVM

by

You can load trusted key stores dynamically at runtime.

// load your key store as a stream and initialize a KeyStore
InputStream trustStream = ...    
KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());    

// if your store is password protected then declare it (it can be null however)
char[] trustPassword = ...

// load the stream to your store
trustStore.load(trustStream, trustPassword);

// initialize a trust manager factory with the trusted store
TrustManagerFactory trustFactory = 
  TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());    
trustFactory.init(trustStore);

// get the trust managers from the factory
TrustManager[] trustManagers = trustFactory.getTrustManagers();

// initialize an ssl context to use these managers and set as default
SSLContext sslContext = SSLContext.getInstance("SSL");
sslContext.init(null, trustManagers, null);
SSLContext.setDefault(sslContext);

Watch out, because SSLContext.getDefault() would give you back the default context which you cannot modify, so you have to create a new one, initialize it then set this new context as the default.

The bottom line is that you can use any number of trust stores if you want to.

More Related Contents:

  1. How can I use different certificates on specific connections?
  2. java – path to trustStore – set property doesn’t work?
  3. Using a custom truststore in java as well as the default one
  4. Java client certificates over HTTPS/SSL
  5. Import PEM into Java Key Store
  6. javax.net.ssl.SSLException: Received fatal alert: protocol_version
  7. Does Java support Let’s Encrypt certificates?
  8. Registering multiple keystores in JVM [duplicate]
  9. Keystore type: which one to use?
  10. Is it possible to get Java to ignore the “trust store” and just accept whatever SSL certificate it gets?
  11. Why does Java’s SSLSocket send a version 2 client hello?
  12. How to override the cipherlist sent to the server by Android when using HttpsURLConnection?
  13. What is Keystore?
  14. Using SSLContext with just a CA certificate and no keystore
  15. SSLContext initialization
  16. How to configure trustStore for javax.net.ssl.trustStore on windows?
  17. How to build a SSLSocketFactory from PEM certificate and key without converting to keystore?
  18. Java: Loading SSL Keystore via a resource
  19. How do I list / export private keys from a keystore?
  20. Can we load multiple Certificates & Keys in a Key Store?
  21. why doesn’t java send the client certificate during SSL handshake?
  22. SSL and cert keystore
  23. How to ignore SSL certificate errors in Apache HttpClient 4.0
  24. How can I get a list of trusted root certificates in Java?
  25. Read RSA private key of format PKCS1 in JAVA
  26. scp transfer via java
  27. How to force java server to accept only tls 1.2 and reject tls 1.0 and tls 1.1 connections
  28. Generate certificates, public and private keys with Java [closed]
  29. Using HTTPS with REST in Java
  30. How to connect to a secure website using SSL in Java with a pkcs12 file?

Leave a Comment