| Back | Main view

Ad-hoc Trust anchors - IMiS/Storage Connector JAVA

Product:IMiS/Storage Connector JAVA
Release:10.2.2110
Date:01/03/2022

Case: PKI is used to secure transport between IMiS/Storage Connector Java and IMiS/ARChive server when using 'iarcs' protocol (TLS encrypted 'iarc' protocol). IMiS/Storage Connector uses Java's cacerts CA bundle to determine, if IMiS/ARChive's presented certificate is trusted. There are instances where using cacerts is not preferred and we need to implement this trust chain using ad-hoc trusted CA chain.

Description:

This example demonstrates operation which adds certificate file to trust anchors collection, when session is attempting to connect on IMiS/ARChive Server.
Below is a description of operation for adding certificate to trust anchors collection.


Add trust anchor

Operation adds the certificate file to trust anchors collection.


JAVA

IArchive archive = IMIS_ARCHIVE;

try {
  // Add connecting listener
  archive.addConnectingListener(new IConnectingListener() {
    public void connecting(ConnectingEvent event)
    {
      // Add trust anchor on session initialization
      if (ConnectingStage.SESSION_INITIALIZATION == event.getStage()) {
        // Read certificate from file
        try {
          CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
          X509Certificate certificate = null;
          FileInputStream inputStream = new FileInputStream(new File("<certificate-path>"));
          try {
            certificate = (X509Certificate)certificateFactory.generateCertificate(inputStream);
          }
          finally {
            inputStream.close();
          }

          // Add trust anchor
          Set<TrustAnchor> trustAnchors = new HashSet<TrustAnchor>();
          trustAnchors.add(new TrustAnchor(certificate, null));
          event.setTrustAnchors(trustAnchors);
        }
        catch (Exception e) {
          e.printStackTrace();
          System.out.println(e.getMessage());
        }
      }
    }
  });

  // Authenticate archive
  archive.authenticate();
}
catch (LoginException e) {
  e.printStackTrace();
  System.out.println(e.getMessage());
}
catch (IOException e) {
  e.printStackTrace();
  System.out.println(e.getMessage());
}



Related Documents:

Database 'IMiS Knowledge database', View 'By Product', Document 'IMiS/Storage Connector 10.2.2110 JAVA Interface for IMiS/ARChive v10.2' IMiS/Storage Connector 10.2.2110 JAVA Interface for IMiS/ARChive v10.2

| Back | Main view

Copyright © Imaging Systems Ltd, 2024