I have to write an utility for digital signing. I have already done it using following sample code.
KeyStore ks = KeyStore.getInstance(KeyStoreType); ks.load(new java.io.FileInputStream(pfxPath), password.toCharArray());
Now the problem/requirement is, that PFX owner is not ready to share the password and I also don’t want to load PFX file every time since I assume thousands of hits in a second.
My question is, is there any way so i can create some keystore(or certificate database or something else) where PFX owner enters password first time and I can use this keystore further for signing.
You can develop a standalone code which can generate a serialized file having KS object. Your client can pass his password at his machine. So it’ll be risk free.
You can deserialize file contents in your application for further use.