Java Code Examples for

Following code examples demonstrate how to use java. These examples are extracted from various highly rated open source projects. You can directly use these code snippets or view their entire linked source code. These snippets are extracted to provide contextual information about how to use this class in the real world. These samples also let you understand some good practices on how to use various code implementation of this class.

    public static String buildPem(PKCS12KeyStore p12, String keyAlias, char[] password) 
            throws Exception {
        PrivateKey key = (PrivateKey) p12.engineGetKey(keyAlias, password);
        StringBuilder builder = new StringBuilder();
        Certificate[] chain = p12.engineGetCertificateChain(keyAlias);
        for (Certificate cert : chain) {
        return builder.toString();

    public static PKCS12KeyStore generateKeyStore(String dname, int validityDays,
            String alias, char[] password, OutputStream stream) throws Exception {
        GenRsaPair keyPair = new GenRsaPair();
        keyPair.generate(dname, new Date(), validityDays, TimeUnit.DAYS);
        PKCS12KeyStore p12KeyStore = new PKCS12KeyStore();
        X509Certificate[] chain = new X509Certificate[] {keyPair.getCertificate()};
        p12KeyStore.engineSetKeyEntry(alias, keyPair.getPrivateKey(), password, chain);
        p12KeyStore.engineStore(stream, password);
        return p12KeyStore;

This class provides the keystore implementation referred to as "PKCS12". Implements the PKCS#12 PFX

protected using the Password privacy mode. The contents are protected using Password integrity mode. Currently we support following PBE algorithms: - pbeWithSHAAnd3KeyTripleDESCBC to encrypt private keys - pbeWithSHAAnd40BitRC2CBC to encrypt certificates Supported encryption of various implementations : Software and mode. Certificate encryption Private key encryption --------------------------------------------------------------------- MSIE4 (domestic 40 bit RC2. 40 bit RC2 and xport versions) PKCS#12 export. MSIE4, 5 (domestic 40 bit RC2, 40 bit RC2, and export versions) 3 key triple DES 3 key triple DES PKCS#12 import. MSIE5 40 bit RC2 3 key triple DES, PKCS#12 export. with SHA1 (168 bits) Netscape Communicator 40 bit RC2 3 key triple DES, (domestic and export with SHA1 (168 bits) versions) PKCS#12 export Netscape Communicator 40 bit ciphers only All. (export version) PKCS#12 import. Netscape Communicator All. All. (domestic or fortified version) PKCS#12 import. OpenSSL PKCS#12 code. All. All. --------------------------------------------------------------------- NOTE: PKCS12 KeyStore supports PrivateKeyEntry and TrustedCertficateEntry. PKCS#12 is mainly used to deliver private keys with their associated certificate chain and aliases. In a PKCS12 keystore, entries are identified by the alias, and a localKeyId is required to match the private key with the certificate. Trusted certificate entries are identified by the presence of an trustedKeyUsage attribute. @author Seema Malkani @author Jeff Nisewanger @author Jan Luehe @see KeyProtector @see @see KeyTool

Read More