Digital signing without password

I have to write a utility for digital signing. I have already done it using the following sample code.

KeyStore ks = KeyStore.getInstance(KeyStoreType);
try (java.io.FileInputStream in = new java.io.FileInputStream(pfxPath)) {
    ks.load(in, password.toCharArray()); // the stream is closed after loading
}

Now the problem/requirement is that the PFX owner is not ready to share the password, and I also don’t want to load the PFX file every time since I assume thousands of hits in a second.

My question is, is there any way I can create some keystore (or certificate database or something else) where the PFX owner enters the password the first time and I can use this keystore further for signing?

Answer

You can develop standalone code which can generate a serialized file containing the KS object. Your client can enter his password on his own machine, so it’ll be risk-free.

You can deserialize the file contents in your application for further use.
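
An alternative that keeps key material off disk, shown as an added example that is not part of the original answer (`java.security.KeyStore` itself does not implement `Serializable`): the PFX owner types the password once at service startup, the private key is extracted and held in memory, and every later signing request reuses it without touching the file. The class name `PfxSigner`, the console prompt and the `SHA256withRSA` algorithm are assumptions.

```java
import java.io.Console;
import java.io.FileInputStream;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.security.Key;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Signature;
import java.util.Arrays;
import java.util.Collections;

// Added example (hypothetical class name): unlock the PFX once, then sign from memory.
public final class PfxSigner {
    private final PrivateKey key; // kept in memory only; the password is never stored
    private PfxSigner(PrivateKey key) { this.key = key; }

    // Run once at startup: the PFX owner types the password on the console.
    static PfxSigner unlock(String pfxPath) throws Exception {
        Console console = System.console();
        if (console == null) throw new IllegalStateException("no interactive console");
        char[] password = console.readPassword("PFX password: ");
        if (password == null) throw new IllegalStateException("no password entered");
        try (InputStream in = new FileInputStream(pfxPath)) {
            KeyStore ks = KeyStore.getInstance("PKCS12");
            ks.load(in, password);
            for (String alias : Collections.list(ks.aliases())) {
                Key k = ks.isKeyEntry(alias) ? ks.getKey(alias, password) : null;
                if (k instanceof PrivateKey) return new PfxSigner((PrivateKey) k);
            }
            throw new IllegalStateException("no private key entry in the PFX");
        } finally {
            Arrays.fill(password, '\0'); // wipe the password once the key is loaded
        }
    }

    // Signature objects are not thread-safe, so each call creates its own.
    byte[] sign(byte[] data) throws Exception {
        Signature s = Signature.getInstance("SHA256withRSA"); // assumption: RSA key
        s.initSign(key);
        s.update(data);
        return s.sign();
    }

    public static void main(String[] args) throws Exception {
        PfxSigner signer = unlock(args[0]); // args[0]: path to the .pfx file
        byte[] sig = signer.sign("constructed sample".getBytes(StandardCharsets.UTF_8));
        System.out.println("signature length: " + sig.length);
    }
}
```

The key stays in process memory for the life of the service, so the owner has to trust that host and re-enter the password after every restart.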
