BibleGateway.com Verse Of The Day


“fixing our eyes on Jesus, the pioneer and perfecter of faith. For the joy set before him he endured the cross, scorning its shame, and sat down at the right hand of the throne of God.” (Hebrews 12:2)  listen to chapter  (Read by Max McLean. Provided by The Listener's Audio Bible.)

Powered by BibleGateway.com

Wednesday, July 16, 2008

Making Your JVM Trust Those SSL Certificates

Guess I should follow-up with a "part 2" on yesterday's post about saving off SSL certificates. The whole point of me going through the exercise was that one of the web services we consume is SSL and the certificate expired. The new certificate was self-signed, so our Java code threw exceptions saying a trusted certificate was not found.

So the second step for me was to import them so my JVM(s) would recognize the certificate as "trusted".

To get your JVM to trust the certificate, you import it into your keystore using the keytool executable (found in your JDK bin directory):
[jboss@j2apptest01 bin]$ ./keytool -import -alias SomeWebserviceName -file ~/SomeCertificateFileName.CER
If the keystore does not exist yet, the tool will prompt you to enter a keystore password. Remember that password, as you will need to use it to import new certificates or export or view current ones.

It will then display all the keys and other info about the certificate and ask you to confirm that you really want to import. You will want to verify the keys match up to what you think you are importing, of course. Then type "yes" and it should tell you the certificate was added.

After that, our calls to the web service started to ork again, like magic.
Posted by Robb at 12:20 PM
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)