Problem: Ich möchte jede Nacht die neuesten qualifizierten Signaturen der akkreditierten Anbieter der Bundesnetzagentur runterladen und diese in einem Java-Keystore speichern!
Bundesnetzagentur

Lösung:

BouncyCastle herunterladen und installieren (Download)

Einen Job anlegen:

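/**
 * Quartz job that copies the X.509 certificates published in the
 * Bundesnetzagentur LDAP directory into a local JKS keystore as trusted
 * certificate entries.
 *
 * <p>Security notes for anyone adapting this example:
 * <ul>
 *   <li>The directory is queried over plain {@code ldap://}, so the connection
 *       itself gives no server authentication and no integrity protection.</li>
 *   <li>Every certificate the directory returns is stored as a trusted entry
 *       without any chain validation. NOTE(review): validate each certificate
 *       against a root certificate obtained out of band (for example with
 *       {@code java.security.cert.CertPathValidator}) before importing it.</li>
 *   <li>Keystore path and password are the placeholders of the original
 *       example; load them from protected configuration instead of source
 *       code.</li>
 * </ul>
 */
public class KeyStoreUpdateJob extends QuartzJobBean
{
	private static final Logger logger = Logger.getLogger(KeyStoreUpdateJob.class);

	// Placeholder values from the original example; do not ship a real
	// password as a string constant.
	private static final String KEYSTORE_PATH = "path_to_keystore";
	private static final String KEYSTORE_PASSWORD = "password";

	private static final String LDAP_URL = "ldap://ldap.nrca-ds.de:389";
	private static final String LDAP_BASE_DN = "dc=ldap,dc=nrca-ds,dc=de";

	private KeyStore accreditedKeyStore;

	/**
	 * Loads the keystore, adds all X.509 certificates found in the LDAP
	 * directory and writes the keystore back to disk.
	 *
	 * @param context the Quartz execution context (not used)
	 * @throws JobExecutionException if the keystore cannot be read or written,
	 *         or if the LDAP lookup fails; the cause is attached so that the
	 *         scheduler sees a failed refresh instead of a silently skipped one
	 */
	@Override
	protected void executeInternal(JobExecutionContext context)
			throws JobExecutionException
	{
		try
		{
			accreditedKeyStore = loadKeyStore();
			int imported = importCertificatesFromLdap(accreditedKeyStore);
			saveKeyStore(accreditedKeyStore);
			logger.info("Keystore was updated with " + imported + " certificates from LDAP (Netzagentur)");
		} catch (java.security.GeneralSecurityException e)
		{
			// Log with the stack trace; the message alone loses the cause.
			logger.error("Updating the keystore from LDAP failed", e);
			throw new JobExecutionException(e);
		} catch (java.io.IOException e)
		{
			logger.error("Reading or writing the keystore file failed", e);
			throw new JobExecutionException(e);
		}
	}

	/** Reads the JKS keystore from disk and always closes the input stream. */
	private KeyStore loadKeyStore()
			throws java.security.GeneralSecurityException, java.io.IOException
	{
		KeyStore keyStore = KeyStore.getInstance("JKS");
		FileInputStream in = null;
		try
		{
			in = new FileInputStream(new File(KEYSTORE_PATH));
			keyStore.load(in, KEYSTORE_PASSWORD.toCharArray());
		} finally
		{
			IOUtils.closeQuietly(in);
		}
		return keyStore;
	}

	/**
	 * Adds every X.509 certificate returned by the LDAP directory to the
	 * keystore and returns how many entries were set.
	 */
	private int importCertificatesFromLdap(KeyStore keyStore)
			throws java.security.GeneralSecurityException
	{
		Builder builder = new X509LDAPCertStoreParameters.Builder(LDAP_URL, LDAP_BASE_DN);
		CertStore ldapCertStore = CertStore.getInstance("LDAP", builder.build(), "BC");

		// An empty selector matches all certificates in the store.
		X509CertSelector selector = new X509CertSelector();

		int imported = 0;
		for (java.security.cert.Certificate candidate : ldapCertStore.getCertificates(selector))
		{
			if (!(candidate instanceof X509Certificate))
			{
				continue;
			}
			X509Certificate certificate = (X509Certificate) candidate;

			// NOTE(review): nothing here checks who issued the certificate;
			// whatever the directory returns becomes a trusted entry.
			// The alias is the subject DN, so two certificates with the same
			// subject overwrite each other -- confirm this is intended.
			keyStore.setCertificateEntry(certificate.getSubjectDN().getName(), certificate);
			imported++;
		}
		return imported;
	}

	/**
	 * Writes the keystore back to disk. The keystore is serialized into memory
	 * first, so an error during serialization cannot leave a truncated
	 * keystore file behind.
	 */
	private void saveKeyStore(KeyStore keyStore)
			throws java.security.GeneralSecurityException, java.io.IOException
	{
		java.io.ByteArrayOutputStream buffer = new java.io.ByteArrayOutputStream();
		keyStore.store(buffer, KEYSTORE_PASSWORD.toCharArray());

		FileOutputStream fos = null;
		try
		{
			fos = new FileOutputStream(new File(KEYSTORE_PATH));
			buffer.writeTo(fos);
			fos.flush();
			// Explicit close so that a failing close is reported, not swallowed.
			fos.close();
		} finally
		{
			IOUtils.closeQuietly(fos);
		}
	}
}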

Den Job in Spring verdrahten: