Access browser keystore from applet or java web start
I spent the last few days investigating how to access browser's keystore from an applet. What I want to do is to generate a proxy certificate (RFC3820) using the key/cert stored inside the browser keystore. Let's assume the applet is signed and trusted by the browser user.
I googled serveral places mentioning this, but none gives clear answers.
http://java.sun.com/javase/6/docs/technotes/guides/deployment/deployment... says browser key store are available for java plug-in for the following purposes:
* Signature signing verification
* HTTPS server authentication
* HTTPS client authentication
But they exclude what I want to do.
I searched Java API, and it seems there is no api for reading the currently "available" KeyManager and TrustManager. Though we can create KeyManager and TrustManager from loading file-based keystores. Am I correct?
So my questions are:
1. is it possible to access browser keystore from applet or web start by only using the capability exposed by Java Plug-in in browser? and How?
2. If the answer to question 1 is no, can I do it using browser support, such as Firefox JSS?
Many thanks in advance!