java - Retrieve the certificate (JKS or PFX) from Azure Key Vault

Question

I wanted to create jwt token using Java. My code works if I store the certificate (JKS) locally in my machine. But I want to use the certificate from Azure Key Vault without storing it in locally. How to modify the file part? and what if it's PFX not JKS?

 KeyStore keystore = KeyStore.getInstance("JKS");

              File keystoreFile = ResourceUtils.getFile("classpath:"+Keystore);
              keystore.load(new FileInputStream(keystoreFile), KeyPassword.toCharArray());
                      
              PrivateKey privateKey = (PrivateKey) keystore.getKey(KeyAlias, KeyPassword.toCharArray());

question from:https://stackoverflow.com/questions/65651123/retrieve-the-certificate-jks-or-pfx-from-azure-key-vault

Answer 1

As per KeyStore JavaDoc (https://docs.oracle.com/javase/7/docs/api/java/security/KeyStore.html#load(java.io.InputStream,%20char[])), the method signature you are using is KeyStore.load(InputStream, char[]). This means that the InputStream does not have to be a FileInputStream. Download your keystore bytes from Azure, wrap them into a ByteArrayInputStream and do whatever you need to do.

As for how to read pfx keystore, you should be able to do it with initiating the keystore like KeyStore.getInstance("pkcs12", "SunJSSE") and then loading it like you would load a JKS keystore.