How to use a file in a jar as javax.net.ssl.keystore?

java jar executable-jar
darrickc picture darrickc · Dec 5, 2008 · Viewed 17.6k times · Source

I'm trying to do something like 

URL clientks = com.messaging.SubscriptionManager.class.getResource( "client.ks" );
String path = clientks.toURI().getPath();
System.setProperty( "javax.net.ssl.keyStore", path);

Where client.ks is a file stored in com/messaging in the jar file that I'm running.

The thing that reads the javax.net.ssl.keyStore is expecting a path to the client.ks file which is in the jar. I'd rather not extract the file and put in on the client's machine if possible. So is it possible to reference a file in a jar?

This doesn't work as getPath() returns null. Is there another way to do this?

Answer

user2529737 picture user2529737 · Jun 27, 2013

Still working on implementation, but I believe it is possible to load the keystore from the jar via InputStream and explicitly set the TrustStore programatically (vs setting the System properties). See the article: Setting multiple truststore on the same JVM

Got it working!

InputStream keystoreInput = Thread.currentThread().getContextClassLoader()
    .getResourceAsStream(<path in jar>/client.ks");
InputStream truststoreInput = Thread.currentThread().getContextClassLoader()
    .getResourceAsStream(<path in jar>/client.ts");
setSSLFactories(keystoreInput, "password", truststoreInput);
keystoreInput.close();
truststoreInput.close();

private static void setSSLFactories(InputStream keyStream, String keyStorePassword, 
    InputStream trustStream) throws Exception
{    
  // Get keyStore
  KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());    

  // if your store is password protected then declare it (it can be null however)
  char[] keyPassword = keyStorePassword.toCharArray();

  // load the stream to your store
  keyStore.load(keyStream, keyPassword);

  // initialize a key manager factory with the key store
  KeyManagerFactory keyFactory = 
  KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());    
  keyFactory.init(keyStore, keyPassword);

  // get the key managers from the factory
  KeyManager[] keyManagers = keyFactory.getKeyManagers();

  // Now get trustStore
  KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());    

  // if your store is password protected then declare it (it can be null however)
  //char[] trustPassword = password.toCharArray();

  // load the stream to your store
  trustStore.load(trustStream, null);

  // initialize a trust manager factory with the trusted store
  TrustManagerFactory trustFactory = 
  TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());    
  trustFactory.init(trustStore);

  // get the trust managers from the factory
  TrustManager[] trustManagers = trustFactory.getTrustManagers();

  // initialize an ssl context to use these managers and set as default
  SSLContext sslContext = SSLContext.getInstance("SSL");
  sslContext.init(keyManagers, trustManagers, null);
  SSLContext.setDefault(sslContext);    
}

Related questions

Running JAR file on Windows

I have a JAR file named helloworld.jar. In order to run it, I'm executing the following command in a command-line window: java -jar helloworld.jar This works fine, but how do I execute it with double-click instead? Do I …

Read More
What causes "Unable to access jarfile" error?

I want to execute my program without using an IDE. I've created a jar file and an exectuable jar file. When I double click the exe jar file, nothing happens, and when I try to use the command in cmd …

Read More
How to get the path of a running JAR file?

My code runs inside a JAR file, say foo.jar, and I need to know, in the code, in which folder the running foo.jar is. So, if foo.jar is in C:\FOO\, I want to get that path …

Read More