Revision history [back]

There are several ways to retrieve the approved CA certificates from a server using Java. One of the common ways is to use the Java KeyStore API. Here is an example code snippet that demonstrates how to retrieve the approved CA certificates from a server using Java:

import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;

public class RetrieveCACertificates {

  public static void main(String[] args) throws Exception {

    String keystoreFile = "path/to/keystore.jks";
    String keystorePassword = "keystorepassword";

    // Load the keystore from file
    InputStream keystoreStream = new FileInputStream(keystoreFile);
    KeyStore keystore = KeyStore.getInstance("JKS");
    keystore.load(keystoreStream, keystorePassword.toCharArray());

    // Retrieve the certificates from the keystore
    String alias = null;
    int i = 1;
    while ((alias = keystore.aliases().nextElement()) != null) {
      Certificate cert = keystore.getCertificate(alias);
      if (cert.getPublicKey().getAlgorithm().equals("RSA")) {
        System.out.println("Cert " + i++ + ": " + cert.toString());
      }
    }

  }

}

In this code snippet, we are loading the keystore file using the FileInputStream class and initializing a KeyStore object. Then, we are retrieving the certificate aliases from the keystore using the aliases() method and iterating through them to get the individual certificates using the getCertificate() method. Finally, we are checking if the certificate's public key algorithm is RSA and printing the certificate information to the console. Note that you may need to modify this code to suit your specific use case.