I have different services using SSL in my application; those services use different .p12 files to connect, with different passwords. Right now Java loads the truststore and the keystore + the files on each call, so I want to remove this behaviour and add the certificates to my JVM by default. This is something I can do using
-Djavax.net.ssl.keyStore="{mycert.p12}" -Djavax.net.ssl.keyStorePassword={mypassword} -Djavax.net.ssl.keyStoreType=PKCS12 -Djavax.net.ssl.trustStore="{cacertsroute}" -Djavax.net.ssl.trustStorePassword=changeit
But I have different p12 files, so I need to concatenate them into one file because I cannot tell the JVM to use multiple p12 files and passwords on the command line.
I created a new empty p12 file and added one of the p12 files to it using keytool:
keytool -importkeystore -srckeystore first.p12 -srcstoretype pkcs12 -srcstorepass firstp12pass -destkeystore newstore.p12 -deststoretype pkcs12 -deststorepass firstp12pass
After that I have a new keystore with just one p12, and it works with the service that uses the first.p12 cert. I read that the keystore and the p12 should have the same password, so to add the second p12 file I created a temp.p12 file that changes the password of second.p12 to firstp12pass. Now they have the same password, and I used the same command as before to add temp.p12 (which is second.p12) to newstore.p12.
Now I have just one file with the two entries for the different services, but when I use the certificate now it is not working.
I debugged the SSL call and it seems that the CN is not right. When I call with a p12 with just one entry it sends the right CN to the server, but when I use two entries it doesn't select the right one.
Could someone help me with this? Maybe it's not possible to mix the files, or there is another way to do that.
Thanks,