问题
Create a selfsigned java keystore and certificate file using keytool utility. Am able to add the certificate into windows trust store by going to certificate console by using mmc.exe command.
But is there anyway to add the certificate into windows trust store programmatically. And also required the same things for MAC system.
Appreciate for any suggestions.
回答1:
Below is code snippet for Windows/MAC to add certificate in their trust store.
Window:
KeyStore root = KeyStore.getInstance("Windows-ROOT","SunMSCAPI");
root.load(null,null);
/* certificate must be DER-encoded */
FileInputStream in = new FileInputStream("yourcertificate.cer");
X509Certificate cacert = (X509Certificate)CertificateFactory.getInstance("X.509").generateCertificate(in);
root.setCertificateEntry("certificatealiasname", cacert);
In windows it is successfully adding the certificate in trust store, but some system does not work due to not having admin privileges. So in those machine it will work if logged in as Administrator or give the user some Admin privileges.
MAC:
KeyStore root = KeyStore.getInstance("KeychainStore", "Apple");
root.load(null);
/* certificate must be DER-encoded */
FileInputStream in = new FileInputStream("yourcertificate.cer");
X509Certificate cacert = (X509Certificate)CertificateFactory.getInstance("X.509").generateCertificate(in);
root.setCertificateEntry("certificatealiasname", cacert);
root.store(null, null);
It is able to successfully add the certificate in keychain but not trusting the certificate. So need to go to KeyChain Access and manually trust the certificate.
来源:https://stackoverflow.com/questions/32356003/how-to-programmatically-acces-the-window-and-mac-trusted-certificate-store