Create a gist now

Instantly share code, notes, and snippets.

Make a SSL certificate visible to your app
Since the server is using https, we need to:
1/ obtain the certificate from the server,
2/ add this certificate to java's default trusted store
3/ restart the server
1/ obtain the certificate from the server
Here's a recipe that can be used when you're stuck with the command-line, as is generally the case if you're configuring a server:
* Create the following file to help you get the certificate, let's name it ``:
# usage: [port]
echo |\
openssl s_client -connect ${REMHOST}:${REMPORT} 2>&1 |\
* Call the file with the IP of the server (let's say it's for the example), the port (generally 443 for https), and send the output to some file, let's name it server.pem:
sh 443 > server.pem
2/ add this certificate to java's default trusted store
* each Java Development Kit installation (whose home directory is generally known as `${JAVA_HOME}`) has a default certificate trusted store, located in `${JAVA_HOME}/security/cacerts`
* and by default a JVM when started will load all the certificates present in this trusted store
* so you'll just type the following command, which will add the server's certificate located in file `server.pem` to this default trusted store:
JAVA_HOME=/path/to/your/java/home # e.g. for ubuntu it'll be /etc/java-6-sun
sudo ${JAVA_HOME}/bin/keytool -import -alias ${CERTIFICATE_ALIAS} -keystore ${JAVA_HOME}/security/cacerts -file server.pem
* the default password for the JDK's cacert keystore is `changeit`
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment