Writing by shivdev on Thursday, 8 of September , 2011 at 1:14 am
Let’s say your Java Web Service client wants to make a call (SOAP over SSL/https) to a service running on some server and is using a legitimate certificate or say a self-signed certificate.
Now, your client can either bypass this certificate business by using XTrustProvider.install() or do it the right way by importing the certificate in your JRE_HOME/lib/security/ folder.
Either read the documentation on keytool or read further.
(My snippets below use JDK 1.6.0_26 and are done Windows. You can do equivalent stuff on Linux as well)
To View the list of certificates in the JDK, goto JRE_HOME\lib\security and run the following:
C:\Java\jdk1.6.0_26\jre\lib\security>..\..\bin\keytool keytool -list -keystore cacerts
Enter keystore password:default password is changeit
To Import the certificate into JDK, goto JRE_HOME\lib\security and run the following:
C:\Java\jdk1.6.0_26\jre\lib\security>..\..\bin\keytool -import -alias myTestCert -keystore cacerts -file c:\Temp\Certificates\DER_Cert.cer
Enter keystore password:default password is changeit
Now, your Java Web Service Client should now be able to make the calls over SSL without connection issues.
In case you want to Delete the Certificate:
C:\Java\jdk1.6.0_26\jre\lib\security>..\..\bin\keytool -delete -alias myTestCert -keystore cacerts
Enter keystore password: default password is changeit
Shivdev Kalambi is a Software Development Manager, previously a Principal Software Engineer at ArcSight/HP. With over 16 years' experience in software development, he's worked on several technologies and played different roles and contributed to all phases of projects. Non-tech activies include Ping-pong, Rock Climbing and Yoga at PG, Golf, Skiing, Swimming & a beer enthusiast.