Page 1 of 1
openwebstart not reading certificates from CAC reader
Posted: 11 Dec 2023, 19:07
by channareddy
Hi Team,
openwebstart: 1.7.0
Adapt JDK version : 11.0.20.8
Is openwebstart able to read/use certificates from CAC reader like Oracle Java ?
How OpenWebStart and Adapt JDK pull the client certificates from CAC reader instead of using from imported location C:\Users<USERNAME>.config\icedtea-web\security\trusted.clientcerts file?
Could you please help on this.
Thank
Channa
Re: openwebstart not reading certificates from CAC reader
Posted: 12 Dec 2023, 05:42
by Janak Mulani
Re: openwebstart not reading certificates from CAC reader
Posted: 12 Dec 2023, 08:08
by channareddy
Thanks Mulani for the update.
We are looking openwebstart and AdaptOpen Java should able to read certificates directly from CAC reader like Oracle Java does while launching JNLP file. Is it supported ? Could you please help on this query..
We able to import certificates into openwebstart location C:\Users<USERNAME>.config\icedtea-web\security\trusted.clientcerts and use it, but that is not the customer requirement, should automatically read from CAC reader like Oracle Java does without importing certificates.
Thanks
Channa
Re: openwebstart not reading certificates from CAC reader
Posted: 13 Dec 2023, 04:38
by Janak Mulani
> should automatically read from CAC reader like Oracle Java does without importing certificates.
OWS does not support this at present and there is no plan to implement this unless someone is sponsoring this feature.
Either you may considering sponsoring or you may contribute to code by creating a Pull Request on github.
Btw, there is already a Pull Request
https://github.com/AdoptOpenJDK/IcedTea-Web/pull/820 for accessing Windows Keystore. Similarly a PR for CAC reader can be created.