Adding self-signed https certificates to java keystore
Thu, 2007-10-25 09:57 — chris
There are several reasons you may need to add a self-signed https ssl certificate to your local java keystore.
For me - its so that maven can access DAV shares for repository deployment.
You need to run the following
$JAVA_HOME/bin/keytool -import -alias <some descriptive name> -file <certificate file> -keystore <path to keystore>
For MAC - keystore is $JAVA_HOME/lib/security/jssecacerts
(and JAVA_HOME on the Mac is /System/Library/Frameworks/JavaVM.framework/Versions/<your version>/Home)
For Windows/Linux - keystore is $JAVA_HOME/jre/lib/security/jssecacerts
Default password is changeit
Update
If you need to install someone else's certificate and they don't have a download link then the following from (http://www.madboa.com/geek/openssl/#cert-retrieve) may help:
#!/bin/sh
#
# usage: retrieve-cert.sh remote.host.name [port]
#
REMHOST=$1
REMPORT=${2:-443}
echo |\
openssl s_client -connect ${REMHOST}:${REMPORT} 2>&1 |\
sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p'
Technorati Tags: