For a Public Key Infrastructure (PKI) client, it is required to obtain both non-repudiation and digital signature certificates. The following code has been implemented to obtain those certificates:
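    // keyStore is a java.security.KeyStore instance obtained elsewhere (not shown in the question)
    keyStore.load(null, null);
    Enumeration<String> aliases = keyStore.aliases();
    while (aliases.hasMoreElements()) {
        String alias = aliases.nextElement();
        // Only entries that hold a private key are of interest
        if (keyStore.isKeyEntry(alias)) {
            java.security.cert.Certificate certificate = keyStore.getCertificate(alias);
        }
    }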
However, both digital and non-repudiation certificates have the same alias, so when keyStore.getCertificate is called, the system always returns the first result. In the certmgr.msc window, it was observed that there were 2 certificates, and the loop block executed two times, but the system always returns a duplicate result from the first certificate. How can one resolve this issue?
You cannot really have two different entries with the same alias. But this is how you can get a list of all first-level certificates from the key store:
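    import java.security.cert.Certificate;
    import java.util.ArrayList;
    import java.util.Enumeration;
    import java.util.List;

    // Collect the certificate stored under each alias of an already loaded keyStore
    List<Certificate> certificates = new ArrayList<Certificate>();
    Enumeration<String> aliases = keyStore.aliases();
    while (aliases.hasMoreElements()) {
        String alias = aliases.nextElement();
        Certificate certificate = keyStore.getCertificate(alias);
        // getCertificate returns null when the alias holds no certificate
        if (certificate != null) {
            certificates.add(certificate);
        }
    }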
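An added example, not code from the question or the answer: the two certificates differ in purpose, so they can be told apart by their X.509 KeyUsage bits instead of by alias, and a certificate that comes back for a second alias can be flagged. It assumes the certmgr.msc "Personal" store is opened through the SunMSCAPI keystore type `Windows-MY`; the class name `KeyUsageLister` and the method `describe` are hypothetical.

```java
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashSet;
import java.util.List;
import java.util.Set;

public class KeyUsageLister {
    // Positions in the array returned by X509Certificate.getKeyUsage()
    private static final int DIGITAL_SIGNATURE = 0;
    private static final int NON_REPUDIATION = 1;

    /** Describes each key entry by its KeyUsage bits and flags repeated certificates. */
    static List<String> describe(KeyStore keyStore) throws Exception {
        List<String> lines = new ArrayList<>();
        Set<Certificate> seen = new HashSet<>();
        for (String alias : Collections.list(keyStore.aliases())) {
            if (!keyStore.isKeyEntry(alias)) {
                continue; // trusted-certificate entry, no private key behind it
            }
            Certificate cert = keyStore.getCertificate(alias);
            if (!(cert instanceof X509Certificate)) {
                continue; // null or not X.509: no KeyUsage extension to read
            }
            X509Certificate x509 = (X509Certificate) cert;
            boolean[] usage = x509.getKeyUsage(); // null when the extension is absent
            String purpose = (usage == null) ? "no KeyUsage extension"
                    : "digitalSignature=" + usage[DIGITAL_SIGNATURE]
                    + ", nonRepudiation=" + usage[NON_REPUDIATION];
            // The same certificate returned for a second alias is the symptom in the question
            String repeat = seen.add(cert) ? "" : " [same certificate as an earlier alias]";
            lines.add(alias + " | serial " + x509.getSerialNumber().toString(16)
                    + " | " + purpose + repeat);
        }
        return lines;
    }

    public static void main(String[] args) throws Exception {
        // Assumption: the Windows "Personal" store; pass another keystore type as args[0]
        KeyStore keyStore = KeyStore.getInstance(args.length > 0 ? args[0] : "Windows-MY");
        keyStore.load(null, null);
        describe(keyStore).forEach(System.out::println);
    }
}
```

If two lines show different serial numbers, the store is handing back both certificates and the KeyUsage column identifies which is which; the repeat flag means the provider resolved both aliases to one entry.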