Ginger Spen Ginger Spen - 5 months ago 30
Java Question

Using a p12 file without a password in Java

Try as I might, I can't figure out how to use a .p12 file without a password in Java. I've tried setting

javax.net.ssl.keyStorePassword
to
""
but whatever I do I get the following SSL error:


HTTP transport error: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake


All my googling would suggest that the sun implementation will not allow an empty password and of course the keytool won't let you import any certificate without a password for the store.

DNA DNA
Answer

The Sun API seems to require a password, so you will instead need to add a password to your .p12 file.

This page says that you can do this with openssl by converting the .p12 to a .pem, then converting back to a .p12 (but I have not tried it):

open­ssl pkcs12 -in cert.p12 -out temp.pem -passin pass: -passout pass:temppassword
open­ssl pkcs12 -export -in temp.pem -out cert-final.p12 -passin pass:temppassword -passout pass:newpa­ssword
rm -f temp.pem

See also this related question.