Writing by shivdev on Thursday, 8 of September , 2011 at 1:14 am
Let’s say your Java Web Service client wants to make a call (SOAP over SSL/https) to a service running on some server and is using a legitimate certificate or say a self-signed certificate.
Now, your client can either bypass this certificate business by using XTrustProvider.install() or do it the right way by importing the certificate in your JRE_HOME/lib/security/ folder.
Either read the documentation on keytool or read further.
(My snippets below use JDK 1.6.0_26 and are done Windows. You can do equivalent stuff on Linux as well)
To View the list of certificates in the JDK, goto JRE_HOME\lib\security and run the following:
C:\Java\jdk1.6.0_26\jre\lib\security>..\..\bin\keytool keytool -list -keystore cacerts
Enter keystore password:default password is changeit
To Import the certificate into JDK, goto JRE_HOME\lib\security and run the following:
C:\Java\jdk1.6.0_26\jre\lib\security>..\..\bin\keytool -import -alias myTestCert -keystore cacerts -file c:\Temp\Certificates\DER_Cert.cer
Enter keystore password:default password is changeit
Now, your Java Web Service Client should now be able to make the calls over SSL without connection issues.
In case you want to Delete the Certificate:
C:\Java\jdk1.6.0_26\jre\lib\security>..\..\bin\keytool -delete -alias myTestCert -keystore cacerts
Enter keystore password: default password is changeit
Shivdev Kalambi is a Principal Software Engineer working at
ArcSight. He has over 11 years' experience in software development and has worked with several
technologies and played different roles and contributed to all phases of projects. Other non-tech activies include Ping-pong, Racquetball, Rock Climbing at PG and Swimming.
