Importing a Certificate Into the Data Vault

Obtain a certificate reference and store it in a password protected data vault to use for X.509 certificate authentication.

The difference between importing a certificate from a system store or a file directory is determined by how you obtain the CertificateStore object. In either case, only a label and password are required to import a certificate.

// Obtain a reference to the certificate store
CertificateStore certStore = CertificateStore.getDefault();

// Obtain a list of certificates
StringList labels = certStore.certificateLabels();

// Import a certificate from store (into memory)
String label = ...; // ask user to select a label
String password = ...; // ask the user for a password
LoginCertificate cert = certStore.getSignedCertificate(label, password);

// Lookup or create data vault
String vaultPassword = ...; // ask user or from O/S protected storage
String vaultName = "..."; // e.g. "SAP.CRM.CertificateVault"
String vaultSalt = "..."; // e.g. a hard-coded random GUID
DataVault vault;
try
{
    vault = DataVault.getVault(vaultName);
    vault.unlock(vaultPassword, vaultSalt);
}
catch (DataVaultException ex)
{
    vault = DataVault.createVault(vaultName, vaultPassword, vaultSalt);
}

// Save certificate into data vault
cert.save("myCert", vault);
Parent topic: Single Sign-On With X.509 Certificate Related Object API