When creating Java keystore, remember to update java cacert keystore

Posted by phatdee on September 5, 2013

Posted in: SSL. Tagged: java, keytool, SSL. Leave a Comment

So I always forget this critical step when dealing with Keystore’s then for next couple of hours I’m breaking keyboards trying to figure out why it’s NOT working. You need to import your cacert from your CA into the java cacert keystore. This is different than the keystore you will be creating for your app.

Note: paths may be a little different for your setup..

Import it
$JAVA_HOME/bin/keytool -import -alias serverCert -file /ssl/cacert.pem -keystore /usr/java/latest/jre/lib/security/cacerts

Verify after it’s installed
$JAVA_HOME/bin/keytool -v -list -keystore /usr/java/latest/jre/lib/security/cacerts -alias serverCert

M	T	W	T	F	S	S
						1
2	3	4	5	6	7	8
9	10	11	12	13	14	15
16	17	18	19	20	21	22
23	24	25	26	27	28	29
30

M	T	W	T	F	S	S
						1
2	3	4	5	6	7	8
9	10	11	12	13	14	15
16	17	18	19	20	21	22
23	24	25	26	27	28	29
30

UnixDude

"To be a warrior is not a simple matter of wishing to be one. It is rather an endless struggle that will go on to the very last moment of our lives. Nobody is born a warrior, in exactly the same way that nobody is born an average man. We make ourselves into one or the other." --Kokoro

When creating Java keystore, remember to update java cacert keystore

Leave a Reply Cancel reply

Categories

Archives

Spam Blocked

Recent Posts

LinuxSecurity – Security Articles

Unknown Feed

Categories

Spam Blocked

Recent Posts

LinuxSecurity – Security Articles

Unknown Feed

My Steam’s Game WishList