JDK/JRE comes with list of CA certificates per-installed from Oracle. In the case when you have created your own CA and wan't to trust it for HTTPS or SSL Socket connection for Rest or J2EE application, you need to import the CA's root certificate to the JDK.
You can check which certificates are already installed in your JDK using following keytool command
Although the list would be very long.keytool -list -v -keystore $JAVA_HOME/jre/lib/security/cacerts
Get the CA's root certificate (cer, pem, der etc formats). In below it shows that you can download the CA's root of trustwave from below page link
After downloading run the following command.
In above command, you can replace the name of the alias whatever you want like AbcRoot , RootXYZkeytool -import -trustcacerts -alias twroot -file stca.cer -keystore $JAVA_HOME/jre/lib/security/cacerts
It shall ask for a password to import the cert, if you haven't changed it by default it is changeit
Make sure you restart your web-server/java program after importing the certificate.
No comments:
Post a Comment