Untitled

Install SSL Certificate with BlackBerry App
X509Certificate _x509;

try {
    // Get an input stream for the certificate in a resource file
    InputStream rs = getClass().getResourceAsStream("/certificate.pem");

    // PEM format is Base64 encoded
    Base64InputStream b64is = new Base64InputStream(rs);

    // Create the X509 certificate
    _x509 = new X509Certificate(b64is);

    // Clean up.
    b64is.close();
    rs.close();

    // if the certificate is self signed this will perform a
    // verfication check. For non-self signed certificates
    // one could provide the signer's certificate in another
    // resource file and validate it with that public key. Other
    // versions of verify will verify it with a certificate in
    // a keystore, but then we wouldn't need to do all this.
    _x509.verify(_x509.getPublicKey());
    System.out.println(_x509.getSubjectFriendlyName());
    System.out.println(Integer.toHexString(_x509.hashCode()));

    // Add the certificate to the DeviceKeyStore
    KeyStore ks = DeviceKeyStore.getInstance();

    // Associated data is set to null, but can be used if there is associated
    // data known. You can use _x509.getStatus() instead of encoding the GOOD
    // constant, but if the device can not find a revokation or validation list
    // it will set the status to UNKNOWN which will confuse users. ks.getTicket()
    // will prompt the user for permission for the program to access the key store.
    // This may also cause the system to ask the user to set a password, unfortunately
    // I can't remember, but I don't think it will if there is no private key in the
    // certificate.
    ks.set(null, _x509.getSubjectFriendlyName(), _x509, CertificateStatus.GOOD,
       ks.getTicket() );
} catch (CertificateException ce) {
    System.out.println(ce.toString());
} catch (CryptoException crypt) {
    System.out.println(crypt);
} catch (IOException ioe) {
    System.out.println(ioe.toString());
}