Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Bash Commands to Export Cert and Import into Java Truststore

Command to export a cert from a website to a .cer file (example uses google.com) Tested with git-bash shell on Windows. Assume similar on Mac?

openssl s_client -servername google.com -connect google.com:443 </dev/null 2>/dev/null | openssl x509 -inform PEM -outform DER -out google.com.cer

Command to import into local java truststore (use your own location of JAVA_HOME)

"$JAVA_HOME"/bin/keytool -keystore "$JAVA_HOME"/jre/lib/security/cacerts -importcert -alias google.com -file google.com.cer

  • default java keystore password is changeit
  • if you get an update denied message, in Windows File Explorer set security on cacerts file to MODIFY for all Users (or chmod on linux)
  • if keytool is not found, define a JAVA_HOME environment variable (or replace $JAVA_HOME with the full path)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.