Java Code Examples for javax.net.ssl.KeyManagerFactory#getKeyManagers()

The following examples show how to use javax.net.ssl.KeyManagerFactory#getKeyManagers() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: TLSHttpsTransport.java    From servicecomb-java-chassis with Apache License 2.0 6 votes vote down vote up
private SSLContext getSSLContext(KeyStore keyStore, String keyStoreValue, KeyStore trustStore) {
  try {
    KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
    keyManagerFactory.init(keyStore, keyStoreValue.toCharArray());
    KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();

    TrustManagerFactory trustManagerFactory = TrustManagerFactory
        .getInstance(TrustManagerFactory.getDefaultAlgorithm());
    trustManagerFactory.init(trustStore);
    TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();

    SSLContext sslContext = SSLContexts.custom().loadTrustMaterial(new TrustSelfSignedStrategy()).build();
    sslContext.init(keyManagers, trustManagers, new SecureRandom());
    return sslContext;
  } catch (UnrecoverableKeyException | NoSuchAlgorithmException | KeyStoreException | KeyManagementException e) {
    e.printStackTrace();
  }
  return null;
}
 
Example 2
Source File: KeyStoreUtil.java    From browserup-proxy with Apache License 2.0 6 votes vote down vote up
/**
 * Retrieve the KeyManagers for the specified KeyStore.
 *
 * @param keyStore            the KeyStore to retrieve KeyManagers from
 * @param keyStorePassword    the KeyStore password
 * @param keyManagerAlgorithm key manager algorithm to use, or null to use the system default
 * @param provider            JCA provider to use, or null to use the system default
 * @return KeyManagers for the specified KeyStore
 */
public static KeyManager[] getKeyManagers(KeyStore keyStore, String keyStorePassword, String keyManagerAlgorithm, String provider) {
    if (keyManagerAlgorithm == null) {
        keyManagerAlgorithm = KeyManagerFactory.getDefaultAlgorithm();
    }

    try {
        KeyManagerFactory kmf;
        if (provider == null) {
            kmf = KeyManagerFactory.getInstance(keyManagerAlgorithm);
        } else {
            kmf = KeyManagerFactory.getInstance(keyManagerAlgorithm, provider);
        }

        kmf.init(keyStore, keyStorePassword.toCharArray());

        return kmf.getKeyManagers();
    } catch (NoSuchAlgorithmException | UnrecoverableKeyException | KeyStoreException | NoSuchProviderException e) {
        throw new KeyStoreAccessException("Unable to get KeyManagers for KeyStore", e);
    }
}
 
Example 3
Source File: KeycloakServer.java    From keycloak with Apache License 2.0 6 votes vote down vote up
private KeyManager[] getKeyManagers() throws Exception {
    String keyStorePath = System.getProperty("keycloak.tls.keystore.path");

    if (keyStorePath == null) {
        return null;
    }

    log.infof("Loading keystore from file: %s", keyStorePath);

    InputStream stream = Files.newInputStream(Paths.get(keyStorePath));

    if (stream == null) {
        throw new RuntimeException("Could not load keystore");
    }

    try (InputStream is = stream) {
        KeyStore keyStore = KeyStore.getInstance("JKS");
        char[] keyStorePassword = System.getProperty("keycloak.tls.keystore.password", "password").toCharArray();
        keyStore.load(is, keyStorePassword);

        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(keyStore, keyStorePassword);

        return keyManagerFactory.getKeyManagers();
    }
}
 
Example 4
Source File: HttpConnectionFactoryImpl.java    From gradle-golang-plugin with Mozilla Public License 2.0 6 votes vote down vote up
@Nonnull
protected HttpConnection configure(@Nonnull HttpConnection input) throws IOException {
    try {
        final KeyStore keyStore = loadKeyStore();

        final TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        final TrustManager[] defaultTrustManagers = trustManagerFactory.getTrustManagers();

        final KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(keyStore, null);
        final KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();

        input.configure(keyManagers, defaultTrustManagers, null);

        input.setInstanceFollowRedirects(true);

        return input;
    } catch (final GeneralSecurityException e) {
        throw new IOException(e.getMessage(), e);
    }
}
 
Example 5
Source File: TesterSupport.java    From Tomcat8-Source-Read with MIT License 6 votes vote down vote up
protected static KeyManager[] getUser1KeyManagers() throws Exception {
    KeyManagerFactory kmf = KeyManagerFactory.getInstance(
            KeyManagerFactory.getDefaultAlgorithm());
    kmf.init(getKeyStore(CLIENT_JKS), JKS_PASS.toCharArray());
    KeyManager[] managers = kmf.getKeyManagers();
    KeyManager manager;
    for (int i=0; i < managers.length; i++) {
        manager = managers[i];
        if (manager instanceof X509ExtendedKeyManager) {
            managers[i] = new TrackingExtendedKeyManager((X509ExtendedKeyManager)manager);
        } else if (manager instanceof X509KeyManager) {
            managers[i] = new TrackingKeyManager((X509KeyManager)manager);
        }
    }
    return managers;
}
 
Example 6
Source File: KeyStoreUtil.java    From AndroidHttpCapture with MIT License 6 votes vote down vote up
/**
 * Retrieve the KeyManagers for the specified KeyStore.
 *
 * @param keyStore            the KeyStore to retrieve KeyManagers from
 * @param keyStorePassword    the KeyStore password
 * @param keyManagerAlgorithm key manager algorithm to use, or null to use the system default
 * @param provider            JCA provider to use, or null to use the system default
 * @return KeyManagers for the specified KeyStore
 */
public static KeyManager[] getKeyManagers(KeyStore keyStore, String keyStorePassword, String keyManagerAlgorithm, String provider) {
    if (keyManagerAlgorithm == null) {
        keyManagerAlgorithm = KeyManagerFactory.getDefaultAlgorithm();
    }

    try {
        KeyManagerFactory kmf;
        if (provider == null) {
            kmf = KeyManagerFactory.getInstance(keyManagerAlgorithm);
        } else {
            kmf = KeyManagerFactory.getInstance(keyManagerAlgorithm, provider);
        }

        kmf.init(keyStore, keyStorePassword.toCharArray());

        return kmf.getKeyManagers();
    } catch (NoSuchAlgorithmException | UnrecoverableKeyException | KeyStoreException | NoSuchProviderException e) {
        throw new KeyStoreAccessException("Unable to get KeyManagers for KeyStore", e);
    }
}
 
Example 7
Source File: EmptyCertificateAuthorities.java    From openjdk-jdk9 with GNU General Public License v2.0 6 votes vote down vote up
private SSLServerSocketFactory getSSLServerSF() throws Exception {

        char [] password =
            System.getProperty("javax.net.ssl.keyStorePassword").toCharArray();
        String keyFilename = System.getProperty("javax.net.ssl.keyStore");

        KeyStore ks = KeyStore.getInstance("JKS");
        ks.load(new FileInputStream(keyFilename), password);

        KeyManagerFactory kmf = KeyManagerFactory.getInstance("NewSunX509");
        kmf.init(ks, password);

        KeyManager[] kms = kmf.getKeyManagers();
        TrustManager[] tms = new MyX509TM[] {new MyX509TM()};

        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(kms, tms, null);

        return ctx.getServerSocketFactory();
    }
 
Example 8
Source File: HTTPSConduitTest.java    From cxf with Apache License 2.0 6 votes vote down vote up
public static KeyManager[] getKeyManagers(KeyStore keyStore, String keyPassword)
    throws GeneralSecurityException,
           IOException {
    // For tests, we just use the default algorithm
    String alg = KeyManagerFactory.getDefaultAlgorithm();

    char[] keyPass = keyPassword != null
                 ? keyPassword.toCharArray()
                 : null;

    // For tests, we just use the default provider.
    KeyManagerFactory fac = KeyManagerFactory.getInstance(alg);

    fac.init(keyStore, keyPass);

    return fac.getKeyManagers();
}
 
Example 9
Source File: NetworkTools.java    From MyBox with Apache License 2.0 6 votes vote down vote up
public static SSLSocketFactory DefaultSSLSocketFactory() {
    try {
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        FileInputStream keyStoreFile = new FileInputStream(new File(SystemTools.keystore()));
        String keyStorePassword = SystemTools.keystorePassword();
        keyStore.load(keyStoreFile, keyStorePassword.toCharArray());

        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(keyStore, keyStorePassword.toCharArray());
        KeyManager[] keyManagers = kmf.getKeyManagers();

        SSLContext ctx = SSLContext.getInstance(CommonValues.HttpsProtocal);
        ctx.init(keyManagers, null, new SecureRandom());

        return ctx.getSocketFactory();
    } catch (Exception e) {
        logger.debug(e.toString());
        return AppVariables.defaultSSLSocketFactory;
    }

}
 
Example 10
Source File: HSSLSocketFactory.java    From appcan-android with GNU Lesser General Public License v3.0 6 votes vote down vote up
public HSSLSocketFactory(KeyStore ksP12, String keyPass) throws Exception {
    super(ksP12);
    mSSLContext = SSLContext.getInstance(SSLSocketFactory.TLS);
    KeyManagerFactory kMgrFact = null;
    TrustManager[] tMgrs = null;
    KeyManager[] kMgrs = null;
    TrustManager tMgr = null;
    tMgr = new HX509TrustManager(ksP12);
    kMgrFact = KeyManagerFactory.getInstance(Http.algorithm);
    if (null != keyPass) {
        kMgrFact.init(ksP12, keyPass.toCharArray());
    } else {
        kMgrFact.init(ksP12, null);
    }
    kMgrs = kMgrFact.getKeyManagers();
    tMgrs = new TrustManager[]{tMgr};
    SecureRandom secureRandom = new java.security.SecureRandom();
    mSSLContext.init(kMgrs, tMgrs, secureRandom);
    if (!Http.isCheckTrustCert()) {
        setHostnameVerifier(new HX509HostnameVerifier());
    } else {
        setHostnameVerifier(STRICT_HOSTNAME_VERIFIER);
    }
}
 
Example 11
Source File: TrustStoreImpl.java    From nexus-public with Eclipse Public License 1.0 5 votes vote down vote up
private static KeyManager[] getSystemKeyManagers() throws Exception {
  KeyManagerFactory keyManagerFactory;

  String keyAlgorithm = System.getProperty("ssl.KeyManagerFactory.algorithm");
  if (keyAlgorithm == null) {
    keyAlgorithm = KeyManagerFactory.getDefaultAlgorithm();
  }
  String keyStoreType = System.getProperty("javax.net.ssl.keyStoreType");
  if (keyStoreType == null) {
    keyStoreType = KeyStore.getDefaultType();
  }
  if ("none".equalsIgnoreCase(keyStoreType)) {
    keyManagerFactory = KeyManagerFactory.getInstance(keyAlgorithm);
  }
  else {
    final String keyStoreFileName = System.getProperty("javax.net.ssl.keyStore");
    if (keyStoreFileName != null) {
      File keyStoreFile = new File(keyStoreFileName);
      keyManagerFactory = KeyManagerFactory.getInstance(keyAlgorithm);
      String keyStoreProvider = System.getProperty("javax.net.ssl.keyStoreProvider");
      KeyStore keyStore;
      if (keyStoreProvider != null) {
        keyStore = KeyStore.getInstance(keyStoreType, keyStoreProvider);
      }
      else {
        keyStore = KeyStore.getInstance(keyStoreType);
      }
      String password = System.getProperty("javax.net.ssl.keyStorePassword");
      try (FileInputStream in = new FileInputStream(keyStoreFile)) {
        keyStore.load(in, password != null ? password.toCharArray() : null);
      }
      keyManagerFactory.init(keyStore, password != null ? password.toCharArray() : null);
    }
    else {
      return null;
    }
  }

  return keyManagerFactory.getKeyManagers();
}
 
Example 12
Source File: CalculatorTest.java    From tomee with Apache License 2.0 5 votes vote down vote up
private static KeyManager[] getKeyManagers(KeyStore keyStore, String keyPassword) throws GeneralSecurityException, IOException {
    String alg = KeyManagerFactory.getDefaultAlgorithm();
    char[] keyPass = keyPassword != null ? keyPassword.toCharArray() : null;
    KeyManagerFactory fac = KeyManagerFactory.getInstance(alg);
    fac.init(keyStore, keyPass);
    return fac.getKeyManagers();
}
 
Example 13
Source File: NonJavaKeyStoreImpl.java    From qpid-broker-j with Apache License 2.0 5 votes vote down vote up
@SuppressWarnings("unused")
private void updateKeyManagers()
{
    try
    {
        if (_privateKeyUrl != null && _certificateUrl != null)
        {
            PrivateKey privateKey = SSLUtil.readPrivateKey(getUrlFromString(_privateKeyUrl));
            X509Certificate[] certs = SSLUtil.readCertificates(getUrlFromString(_certificateUrl));
            List<X509Certificate> allCerts = new ArrayList<>(Arrays.asList(certs));
            if(_intermediateCertificateUrl != null)
            {
                allCerts.addAll(Arrays.asList(SSLUtil.readCertificates(getUrlFromString(_intermediateCertificateUrl))));
                certs = allCerts.toArray(new X509Certificate[allCerts.size()]);
            }
            checkCertificateExpiry(certs);
            java.security.KeyStore inMemoryKeyStore = java.security.KeyStore.getInstance(java.security.KeyStore.getDefaultType());

            byte[] bytes = new byte[64];
            char[] chars = "".toCharArray();
            RANDOM.nextBytes(bytes);
            StandardCharsets.US_ASCII.decode(ByteBuffer.wrap(bytes)).get(chars);
            inMemoryKeyStore.load(null, chars);
            inMemoryKeyStore.setKeyEntry("1", privateKey, chars, certs);


            KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            kmf.init(inMemoryKeyStore, chars);
            _keyManagers = kmf.getKeyManagers();
            _certificate = certs[0];
            _certificates = Collections.unmodifiableCollection(allCerts);
        }

    }
    catch (IOException | GeneralSecurityException e)
    {
        throw new IllegalConfigurationException("Cannot load private key or certificate(s): " + e, e);
    }
}
 
Example 14
Source File: JdkSslFactory.java    From ambry with Apache License 2.0 5 votes vote down vote up
/**
 * Create {@link SSLContext} by loading keystore and trustsotre
 * One factory only has one SSLContext
 * @param sslConfig the config for setting up the {@link SSLContext}
 * @return SSLContext
 * @throws GeneralSecurityException
 * @throws IOException
 */
private SSLContext createSSLContext(SSLConfig sslConfig) throws GeneralSecurityException, IOException {
  SSLContext sslContext;
  if (!sslConfig.sslContextProvider.isEmpty()) {
    sslContext = SSLContext.getInstance(sslConfig.sslContextProtocol, sslConfig.sslContextProvider);
  } else {
    sslContext = SSLContext.getInstance(sslConfig.sslContextProtocol);
  }

  SecurityStore keystore =
      new SecurityStore(sslConfig.sslKeystoreType, sslConfig.sslKeystorePath, sslConfig.sslKeystorePassword);
  String kmfAlgorithm = sslConfig.sslKeymanagerAlgorithm.isEmpty() ? KeyManagerFactory.getDefaultAlgorithm()
      : sslConfig.sslKeymanagerAlgorithm;
  KeyManagerFactory kmf = KeyManagerFactory.getInstance(kmfAlgorithm);
  KeyStore ks = keystore.load();
  String keyPassword = sslConfig.sslKeyPassword.isEmpty() ? keystore.password : sslConfig.sslKeyPassword;
  kmf.init(ks, keyPassword.toCharArray());
  KeyManager[] keyManagers = kmf.getKeyManagers();

  String tmfAlgorithm = sslConfig.sslTrustmanagerAlgorithm.isEmpty() ? TrustManagerFactory.getDefaultAlgorithm()
      : sslConfig.sslTrustmanagerAlgorithm;
  TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);
  KeyStore ts = new SecurityStore(sslConfig.sslTruststoreType, sslConfig.sslTruststorePath,
      sslConfig.sslTruststorePassword).load();
  tmf.init(ts);

  sslContext.init(keyManagers, tmf.getTrustManagers(),
      sslConfig.sslSecureRandomAlgorithm.isEmpty() ? new SecureRandom()
          : SecureRandom.getInstance(sslConfig.sslSecureRandomAlgorithm));
  return sslContext;
}
 
Example 15
Source File: CertificateHelper.java    From signer with GNU Lesser General Public License v3.0 5 votes vote down vote up
public static KeyManager[] getKeyManagers(KeyStore keyStore, Authority authority)
		throws NoSuchAlgorithmException, NoSuchProviderException, UnrecoverableKeyException, KeyStoreException {
	String keyManAlg = KeyManagerFactory.getDefaultAlgorithm();
	KeyManagerFactory kmf = KeyManagerFactory.getInstance(keyManAlg
	/* , PROVIDER_NAME */);
	kmf.init(keyStore, authority.password());
	return kmf.getKeyManagers();
}
 
Example 16
Source File: Connection.java    From deskcon-android with GNU General Public License v3.0 5 votes vote down vote up
public static SSLContext initSSLContext(Context context) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException, UnrecoverableKeyException, KeyManagementException {
		// load the keystore
		InputStream keyStoreStream;
		try {
			keyStoreStream = context.openFileInput("devicekeystore.bks");
		} catch (FileNotFoundException e1) {
			return null;
		}
		KeyStore MyKeyStore = KeyStore.getInstance("BKS");
		MyKeyStore.load(keyStoreStream, "android".toCharArray());
//		Enumeration<String> aliases = MyKeyStore.aliases();
//		while(aliases.hasMoreElements()) {
//			System.out.println(aliases.nextElement());
//		}
		
		// initialize trust manager factory with the read truststore
	    TrustManagerFactory trustManagerFactory = null;
	    trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
		trustManagerFactory.init(MyKeyStore);
		TrustManager[] tm = trustManagerFactory.getTrustManagers();
		
		// init KeyManagerFactory
		KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
		keyManagerFactory.init(MyKeyStore, "passwd".toCharArray());
		KeyManager[] km = keyManagerFactory.getKeyManagers();
		
		
		// Set SSL Context
		SSLContext sslcontext;
		if( Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN ) {
			sslcontext = SSLContext.getInstance("TLSv1.2");
		}
		else {
			sslcontext = SSLContext.getInstance("TLSv1");
		}
		
		sslcontext.init(km, tm, new SecureRandom());
		
		return sslcontext;
	}
 
Example 17
Source File: OkHttpUnsafe.java    From xio with Apache License 2.0 5 votes vote down vote up
public static KeyManager[] getKeyManagers(
    PrivateKey privateKey, X509Certificate[] certificateAndChain) throws Exception {
  KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
  keystore.load(null, "".toCharArray());
  keystore.setKeyEntry("server", privateKey, "".toCharArray(), certificateAndChain);
  KeyManagerFactory keyManagerFactory =
      KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
  keyManagerFactory.init(keystore, "".toCharArray());
  return keyManagerFactory.getKeyManagers();
}
 
Example 18
Source File: VaultClient.java    From datacollector with Apache License 2.0 4 votes vote down vote up
private KeyManager[] getKeyManagers(final KeyStore trustStore, String password) throws GeneralSecurityException {
  KeyManagerFactory keyMgrFactory = KeyManagerFactory.getInstance(X509);
  keyMgrFactory.init(trustStore, password.toCharArray());
  return keyMgrFactory.getKeyManagers();
}
 
Example 19
Source File: SSLUtils.java    From Flink-CEPplus with Apache License 2.0 4 votes vote down vote up
/**
 * Creates an SSL context for the external REST SSL.
 * If mutual authentication is configured the client and the server side configuration are identical.
 */
@Nullable
private static SSLContext createRestSSLContext(Configuration config, RestSSLContextConfigMode configMode) throws Exception {
	checkNotNull(config, "config");

	if (!isRestSSLEnabled(config)) {
		return null;
	}

	KeyManager[] keyManagers = null;
	if (configMode == RestSSLContextConfigMode.SERVER || configMode == RestSSLContextConfigMode.MUTUAL) {
		String keystoreFilePath = getAndCheckOption(
			config, SecurityOptions.SSL_REST_KEYSTORE, SecurityOptions.SSL_KEYSTORE);

		String keystorePassword = getAndCheckOption(
			config, SecurityOptions.SSL_REST_KEYSTORE_PASSWORD, SecurityOptions.SSL_KEYSTORE_PASSWORD);

		String certPassword = getAndCheckOption(
			config, SecurityOptions.SSL_REST_KEY_PASSWORD, SecurityOptions.SSL_KEY_PASSWORD);

		KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
		try (InputStream keyStoreFile = Files.newInputStream(new File(keystoreFilePath).toPath())) {
			keyStore.load(keyStoreFile, keystorePassword.toCharArray());
		}

		KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
		kmf.init(keyStore, certPassword.toCharArray());

		keyManagers = kmf.getKeyManagers();
	}

	TrustManager[] trustManagers = null;
	if (configMode == RestSSLContextConfigMode.CLIENT || configMode == RestSSLContextConfigMode.MUTUAL) {
		String trustStoreFilePath = getAndCheckOption(
			config, SecurityOptions.SSL_REST_TRUSTSTORE, SecurityOptions.SSL_TRUSTSTORE);

		String trustStorePassword = getAndCheckOption(
			config, SecurityOptions.SSL_REST_TRUSTSTORE_PASSWORD, SecurityOptions.SSL_TRUSTSTORE_PASSWORD);

		KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
		try (InputStream trustStoreFile = Files.newInputStream(new File(trustStoreFilePath).toPath())) {
			trustStore.load(trustStoreFile, trustStorePassword.toCharArray());
		}

		TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
		tmf.init(trustStore);

		trustManagers = tmf.getTrustManagers();
	}

	String sslProtocolVersion = config.getString(SecurityOptions.SSL_PROTOCOL);
	SSLContext sslContext = SSLContext.getInstance(sslProtocolVersion);
	sslContext.init(keyManagers, trustManagers, null);

	return sslContext;
}
 
Example 20
Source File: SSLUtils.java    From mockwebserver with Apache License 2.0 4 votes vote down vote up
public static KeyManager[] keyManagers(InputStream certInputStream, InputStream keyInputStream, String algo, String passphrase) throws UnrecoverableKeyException, NoSuchAlgorithmException, KeyStoreException, CertificateException, InvalidKeySpecException, IOException {
    KeyStore keyStore = createKeyStore(certInputStream, keyInputStream, algo, passphrase.toCharArray());
    KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
    kmf.init(keyStore, passphrase.toCharArray());
    return kmf.getKeyManagers();
}