I'm writing a Java desktop application that will be available to the public. It will contact backend APIs via HTTPS using Jersey client.
I don't know anything about using certificates in desktop apps but from what I've found out so far I'll need to create an SSLContext that reads a public certificate from a KeyStore that is protected by a password.
I'm assuming I can distribute the contents of the KeyStore by packaging it in the Jar of my app. But I don't see how I can securely make the key store password available to the app. I don't want the users to have to enter it manually.
Aucun commentaire:
Enregistrer un commentaire