Abstract
This chapter introduces digital certificates and discusses several key management strategies for certificates and symmetric cipher keys. Digital certificates represent a core part of a commonly discussed, rarely achieved public key infrastructure (PKI). Tracking and managing secret keys, key pairs, and digital certificates can be a major undertaking in some situations. The Java Crypography Architecture (JCA) defines the java.security.KeyStore engine class to manage secret keys, key pairs, and digital certificates. The java. security.Security class offers a set of methods to dynamically read and modify properties from the java.security file. The code to read a Base64 encoded certificate is over twice as long as the code required reading a distinguished encoding rules (DER) encoded certificate. Base64 encoding is incredibly useful, as it is all printable characters. Many certificate authorities (CAs) make a signed certificate available through a web site. The Base64 encodes the certificate and displays it inside of a large text box on the web page for copying and pasting into a Notepad or one's editor of choice and save out to one's local disk drive. The RSA encryption limitations are elaborated.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have