Accessing keystore certificates in Java


I am developing a Java applet for signing PDF documents in the web browser. The applet needs to be able to work with both Windows and Mac OS. The applet will display a list of installed certificates on the user's computer and let the user select one of them for signing.

I have found examples of how to read certificates from a Windows keystore using the "Windows-MY" identifier, but I cannot find any example working with certificates in Java for Mac OS. How can a list of certificates be read from a keystore on a Mac?

I am new to Java programming (being a .NET web developer primarily), maybe I am missing something. Thank you for any help.


Solution

  • This is documented here: Java Cryptography Architecture Oracle Providers Documentation for JDK 8

    You should read the whole page, but the relevant part for your question is at the bottom:

    The Apple provider implements a java.security.KeyStore that provides access to the Mac OS X Keychain. The following algorithms are available in the Apple provider:

    Engine: KeyStore
    Algorithm Name(s): KeychainStore

    So, in other words: You obtain a KeyStore object for the Mac OS X keychain by using the name "KeychainStore":

    KeyStore ks = KeyStore.getInstance("KeychainStore");
    

    After that it's basically the same as for every other keystore type. For example, to list all certificates and their aliases:

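    // Needs: java.security.KeyStore, java.security.cert.X509Certificate, java.util.Enumeration
    ks.load(null, null); // no stream or password is supplied
    Enumeration<String> en = ks.aliases();
    while (en.hasMoreElements()) {
        String aliasKey = en.nextElement();
        X509Certificate c = (X509Certificate) ks.getCertificate(aliasKey);
        if (c == null) continue; // entry without a certificate
        System.out.println("alias: " + aliasKey);
        System.out.println("cert:" + c.getSubjectX500Principal().toString());
    }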
    

    BTW, the browser vendors and Oracle are phasing out the browser plugin for applets. Java Web Start might be an alternative.
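
The following is an added example, not part of the original answer: a certificate picker for signing that selects the platform keystore named on this page ("Windows-MY" or "KeychainStore") and lists only entries that hold a private key and a currently valid certificate. The class and method names are hypothetical, and the filter (validity period plus the KeyUsage bits digitalSignature or nonRepudiation) is an assumed policy for what a signing dialog should offer.

```java
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.Locale;

public class SigningCertLister {
    // Map os.name to the platform keystore type (both names appear on this page).
    static String platformKeyStoreType(String osName) {
        String os = osName.toLowerCase(Locale.ROOT);
        if (os.startsWith("mac")) return "KeychainStore";
        if (os.startsWith("windows")) return "Windows-MY";
        throw new IllegalStateException("No platform keystore known for " + osName);
    }

    // Offer a certificate only if it is inside its validity period and its
    // KeyUsage extension, when present, allows digitalSignature (bit 0)
    // or nonRepudiation (bit 1).
    static boolean usableForSigning(X509Certificate cert) {
        try {
            cert.checkValidity();
        } catch (CertificateException e) {
            return false; // expired or not yet valid
        }
        boolean[] ku = cert.getKeyUsage();
        return ku == null || ku[0] || ku[1];
    }

    // Aliases that have a private key (a trusted-certificate entry cannot sign).
    static List<String> signingAliases(KeyStore ks) throws Exception {
        List<String> result = new ArrayList<>();
        for (String alias : Collections.list(ks.aliases())) {
            if (!ks.isKeyEntry(alias)) continue;
            Certificate c = ks.getCertificate(alias);
            if (c instanceof X509Certificate && usableForSigning((X509Certificate) c)) {
                result.add(alias);
            }
        }
        return result;
    }

    public static void main(String[] args) throws Exception {
        KeyStore ks = KeyStore.getInstance(platformKeyStoreType(System.getProperty("os.name")));
        ks.load(null, null);
        for (String alias : signingAliases(ks)) {
            X509Certificate c = (X509Certificate) ks.getCertificate(alias);
            System.out.println(alias + " -> " + c.getSubjectX500Principal());
        }
    }
}
```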