I came across this Java snippet as part of creating an SSLContext. I am wondering about the init call, where a keyPass is specified. What if the KeyStore contains multiple certificates with different aliases and different passwords?
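```scala
import java.security.{KeyStore, SecureRandom}
import javax.net.ssl.{KeyManagerFactory, SSLContext}

val keyStore = KeyStore.getInstance("jks")
keyStore.load(inputStream, "storePass".toCharArray) // inputStream: the opened keystore file
val keyManagerFactory = KeyManagerFactory.getInstance("SunX509")
keyManagerFactory.init(keyStore, keyPass) // keyPass? init takes one Array[Char] here
val keyManagers = keyManagerFactory.getKeyManagers
val sslContext = SSLContext.getInstance("TLS")
sslContext.init(keyManagers, null, new SecureRandom)
```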
How would you rewrite the code if keyStore contained cert1 (alias: one, pwd: foo) and cert2 (alias: two, pwd: bar)? Maybe I misunderstood a thing or two 🙂
After double checking the documentation, and doing a bit of googling, it seems like maintaining multiple keystores and wrapping them in a bespoke composite keymanager could work, as the author of this blog post is doing.
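One way to build the composite key manager mentioned above from a single keystore whose entries have different key passwords. This is an added example, not code from the original post or from the linked blog post. The names `CompositeX509KeyManager`, `keyManagerFor` and `sslContextFor` are hypothetical, and it assumes each alias is copied into its own in-memory, single-entry keystore so that every `KeyManagerFactory` is initialised with the matching password.

```scala
import java.net.Socket
import java.security.{KeyStore, Principal, PrivateKey, SecureRandom}
import java.security.cert.X509Certificate
import javax.net.ssl.{KeyManager, KeyManagerFactory, SSLContext, X509KeyManager}

// Hypothetical composite: asks each wrapped manager in order and returns the first answer.
// Order matters: when several keys fit the handshake, the earliest manager decides the alias.
class CompositeX509KeyManager(managers: Seq[X509KeyManager]) extends X509KeyManager {
  private def first[A <: AnyRef](f: X509KeyManager => A): A =
    managers.iterator.map(f).find(_ != null).getOrElse(null.asInstanceOf[A])
  private def all(f: X509KeyManager => Array[String]): Array[String] = {
    val found = managers.map(f).filter(_ != null).flatMap(_.toSeq).toArray
    if (found.isEmpty) null else found // the interface uses null for "no match"
  }
  override def chooseClientAlias(keyType: Array[String], issuers: Array[Principal], s: Socket): String =
    first(_.chooseClientAlias(keyType, issuers, s))
  override def chooseServerAlias(keyType: String, issuers: Array[Principal], s: Socket): String =
    first(_.chooseServerAlias(keyType, issuers, s))
  override def getCertificateChain(alias: String): Array[X509Certificate] =
    first(_.getCertificateChain(alias))
  override def getPrivateKey(alias: String): PrivateKey = first(_.getPrivateKey(alias))
  override def getClientAliases(keyType: String, issuers: Array[Principal]): Array[String] =
    all(_.getClientAliases(keyType, issuers))
  override def getServerAliases(keyType: String, issuers: Array[Principal]): Array[String] =
    all(_.getServerAliases(keyType, issuers))
}

// Copies one key entry into a fresh single-entry keystore and builds a key manager for it.
def keyManagerFor(source: KeyStore, alias: String, keyPass: Array[Char]): X509KeyManager = {
  val key = source.getKey(alias, keyPass) // throws UnrecoverableKeyException on a wrong password
  require(key != null, s"no key entry under alias '$alias'")
  val single = KeyStore.getInstance(source.getType)
  single.load(null, null) // empty in-memory keystore
  single.setKeyEntry(alias, key, keyPass, source.getCertificateChain(alias))
  val kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm)
  kmf.init(single, keyPass)
  kmf.getKeyManagers.collectFirst { case km: X509KeyManager => km }.get
}

// keyPasswords is an ordered list, e.g. Seq("one" -> fooChars, "two" -> barChars) (constructed values).
def sslContextFor(source: KeyStore, keyPasswords: Seq[(String, Array[Char])]): SSLContext = {
  val managers = keyPasswords.map { case (alias, pass) => keyManagerFor(source, alias, pass) }
  val ctx = SSLContext.getInstance("TLS")
  ctx.init(Array[KeyManager](new CompositeX509KeyManager(managers)), null, new SecureRandom)
  ctx
}
```

Passing the passwords as `Array[Char]` lets the caller overwrite them after `sslContextFor` returns.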