The JSSE X509KeyManager currently can only be initialized using a single, already loaded KeyStore. Changes made to the KeyStore after the X509KeyManager object has been initialized are ignored.
This is insufficient for Smartcard support. The requirements there are:
. the Smartcard can be inserted and removed at any time.
. it must be possible to prompt the user for the PIN using an application specified callback
. the user should not be prompted for the PIN until it is actually needed
. it must be possible to use multiple KeyStores simultaneously (e.g. a Java PKCS12KeyStore plus one or more Smartcards).
A new class to abstract information about a KeyStore instance and a parameter class to initialize the X509KeyManager should be defined.