Java programs bypass SSL certificate issues accessing HTTPS Web sites

Source: Internet
Author: User
Tags ssl certificate

Part of the original, reference: reference: http://tanyongbing.iteye.com/blog/1855132


In project development, sometimes encounter with SSL security certificate import to deal with, how to import the certificate into Java cacerts Certificate library?
In fact, it is very simple, the method is as follows:


Every step: Use the Firefox browser, go to a website beginning with a https://www.xxx.com, download the certificate to be imported.
Click the lock on the left side of the browser navigation bar to see more information about the secure link, click View Certificate, click Details, click Export,
Save Type "The Certificate of the" (PEM) (*.CRT; *.pem)
For example: Save As Abc.cer, placed under C drive




The second step: How to import the above step (abc.cer) This certificate into the Cacerts certificate library in Java?
Methods are as follows
Assuming that your JDK is installed in the C:\jdk1.5 directory,
Start >> run >> input cmd into DOS command line >> (some Windows systems, need to run as administrator,
Then use the CD to enter the C:\jdk1.5\jre\lib\security directory.
Enter the following command to execute
Keytool-import-alias Cacerts-keystore Cacerts-file D:\software\AKAZAM-Mail.cer
At this point, the command line prompts you to enter the password for the Cacerts certificate store.
You just typed in Changeit, which is the default password for the Cacerts certificate store in Java.
You can also modify it yourself.

After importing, use-list to view (not using-alias to specify the alias, so it is MyKey), where MD5 will correspond to the MD5 of the certificate.
MyKey, 2012-10-26, Trustedcertentry,
Certified fingerprint (MD5): 8d:a2:89:9a:e4:17:07:0b:bd:b0:0c:36:11:39:d0:3d

Custom file and password path, not yet verified:
Define the Truststore using the java_opts variable on the Stash Server:
You'll have the following:
On Windows:
java_opts =-djavax.net.ssl.truststore= "%java_home%\jre\lib\security\cacerts"-djavax.net.ssl.truststorepassword= "Changeit"
On Linux:
java_opts =-djavax.net.ssl.truststore= "$JAVA _home/jre/lib/security/cacerts"-djavax.net.ssl.truststorepassword= " Changeit "
(info) On my local instance truststore password are Changeit so I belive, if you didn′t changed it, your are changeit as well.


The tomcat, JUnit runtime loads the Cacerts file from the default path, and if the main function runs directly you need to specify the Javax.net.ssl.trustStore file path, such as:
java-djavax.net.ssl.truststore= $JAVA _home/jre/lib/security/cacerts-jar Xxx.jar &


Note that if there are spaces in the java_home settings, Java execution errors can be java_home in the environment variable C:\Program files as C:\progra~1


Reference: http://tanyongbing.iteye.com/blog/1855132

Java programs bypass SSL certificate issues accessing HTTPS Web sites

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.