Win a copy of Rust Web Development this week in the Other Languages forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
  • Tim Cooke
  • Campbell Ritchie
  • Ron McLeod
  • Liutauras Vilda
  • Jeanne Boyarsky
  • Junilu Lacar
  • Rob Spoor
  • Paul Clapham
Saloon Keepers:
  • Tim Holloway
  • Tim Moores
  • Jesse Silverman
  • Stephan van Hulst
  • Carey Brown
  • Al Hobbs
  • Piet Souris
  • Frits Walraven

Assigning a manually read certificate to the trustStore

Posts: 1
  • Likes 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Good day to everyone :-D,

This is my first post, I hope my question isn't too basic .

I have been assigned an old project here on my job and I have stumbled with a problem that I have not been able to solve :-S. Currently, the project code needs to read a keystore file to be able to visit an ssl site. To achieve this, it assigns the keystore file path to the system property doing something like this:


The problem is that, when doing this, I get an exception similar to this one: DerInputStream.getLength(): lengthTag=06, too big.

During the execution of this line:

HttpsURLConnection urlc = (HttpsURLConnection) url.openConnection();

After some googling, I found that the problem was, most likely, an error within the keystore file. However, one of my partners ran the exact same project code, with the exact same jks file without any problem :-s . I debugged the application and found out that, on my PC, the jks content was not being read completely as in my partner's pc... weird (on my pc, the code doesn't read the last 6 characters). I tried to find any difference between my partner's machine and mine without success.

Anyway, i created a function where I read the same content from a certificate file, not from a keystore. I'm doing something like this:

public X509Certificate getCertificate() {
try {

InputStream inStream = new FileInputStream("config/myCertificate.cer");
CertificateFactory cf = CertificateFactory.getInstance("X.509");

X509Certificate cert = (X509Certificate) cf.generateCertificate(inStream);
return cert;
} catch (Exception e) {
throw new RuntimeException(e);

When I use the next two lines:

X509Certificate cer = cl.getCertificate();
String sig = new String(cer.getSignature());

I get the complete signature of the certificate, which doesn't happen when using the original code on the old project in my machine. As you can see, on my method, I read a .cer file, not a .jks file. My question is:

Is there any way i can use the certificate i'm getting with this function to be able to visit the ssl site instead of using the original code? (the one using the property)?

Any advice would be appreciated.

Thanks a lot in advance :-D
Ranch Hand
Posts: 35
Chrome Java Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
maybe you can use http client instead of URL to make connections and read server pages/ objects
You showed up just in time for the waffles! And this tiny ad:
Building a Better World in your Backyard by Paul Wheaton and Shawn Klassen-Koop
    Bookmark Topic Watch Topic
  • New Topic