Skip to main content

Access browser keystore from applet or java web start

No replies
wjfang
Offline
Joined: 2009-03-03
Points: 0

I spent the last few days investigating how to access browser's keystore from an applet. What I want to do is to generate a proxy certificate (RFC3820) using the key/cert stored inside the browser keystore. Let's assume the applet is signed and trusted by the browser user.

I googled serveral places mentioning this, but none gives clear answers.

http://java.sun.com/javase/6/docs/technotes/guides/deployment/deployment... says browser key store are available for java plug-in for the following purposes:
* Signature signing verification
* HTTPS server authentication
* HTTPS client authentication

But they exclude what I want to do.

I searched Java API, and it seems there is no api for reading the currently "available" KeyManager and TrustManager. Though we can create KeyManager and TrustManager from loading file-based keystores. Am I correct?

So my questions are:
1. is it possible to access browser keystore from applet or web start by only using the capability exposed by Java Plug-in in browser? and How?
2. If the answer to question 1 is no, can I do it using browser support, such as Firefox JSS?

Many thanks in advance!