Skip to content

Instantly share code, notes, and snippets.

@kishorek

kishorek/exportImportJavaCert.md

Forked from jeffsheets/exportImportJavaCert.md
Last active September 15, 2021 06:33
Show Gist options
  • Save kishorek/31dc7422216629cc005524a98caebb89 to your computer and use it in GitHub Desktop.
Save kishorek/31dc7422216629cc005524a98caebb89 to your computer and use it in GitHub Desktop.
Download ZIP
Bash Commands to Export Cert and Import into Java Truststore
Raw
exportImportJavaCert.md

Command to export a cert from a website to a .cer file (example uses google.com) Tested with git-bash shell on Windows. Assume similar on Mac?

openssl s_client -servername google.com -connect google.com:443 </dev/null 2>/dev/null | openssl x509 -inform PEM -outform DER -out google.com.cer

Command to import into local java truststore (use your own location of JAVA_HOME)

"$JAVA_HOME"/bin/keytool -keystore "$JAVA_HOME"/jre/lib/security/cacerts -importcert -alias google.com -file google.com.cer

  • default java keystore password is changeit
  • if you get an update denied message, in Windows File Explorer set security on cacerts file to MODIFY for all Users (or chmod on linux)
  • if keytool is not found, define a JAVA_HOME environment variable (or replace $JAVA_HOME with the full path)

Other ref: https://medium.com/expedia-group-tech/how-to-import-public-certificates-into-javas-truststore-from-a-browser-a35e49a806dc

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment