Listing the Most-Trusted Certificate Authorities (CA) in a Key Store : Certificate « Security « Java

Listing the Most-Trusted Certificate Authorities (CA) in a Key Store


import java.util.Iterator;

public class Main {
  public static void main(String[] argv) throws Exception {

    String filename = System.getProperty("java.home")
        + "/lib/security/cacerts".replace('/', File.separatorChar);
    FileInputStream is = new FileInputStream(filename);
    KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
    String password = "password";
    keystore.load(is, password.toCharArray());

    PKIXParameters params = new PKIXParameters(keystore);

    Iterator it = params.getTrustAnchors().iterator();
    for (; it.hasNext();) {
      TrustAnchor ta = (TrustAnchor);

      X509Certificate cert = ta.getTrustedCert();


Related examples in the same category

1.Signature Test
2.Specify the keystore of certificates using the system property:
3.Retrieving a Certificate from a Key Store
4.Adding a Certificate to a Key Store
5.Creating a Certification Path
6.Validating a Certification Path using the most-trusted CAs in the JDK's cacerts file.
7.Importing a Certificate from a File
8.Retrieving the Certification Path of an SSL Server
9.Getting the Subject and Issuer Distinguished Names of an X509 Certificate
10.Creates a CertStore from the contents of a file-system directory.