HTTPS Java Client Keystore Certs

by clay on June 8, 2012 in Development

When making a secure connection via a java client such as commons-http, the JVM looks for a cert to be available and most client libraries do not try to negotiate the certs automatically, so you will need to import it to your keystore. This is the simplest explanation I could muster for what you will need to do to make a HTTPS connection by java.

claygraham@gaudi:~/tmp$ echo | 
  openssl s_client -connect api.welocally.com:443 2>/dev/null | 
  sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' >
   ~/tmp/api.welocally.com.cer
 
claygraham@gaudi:~/tmp$ openssl x509 -text 
  -in ~/tmp/api.welocally.com.cer
 
claygraham@gaudi:~/tmp$ sudo keytool -delete 
  -alias api.welocally.com 
  -keystore $JAVA_HOME/Home/lib/security/cacerts
 
claygraham@gaudi:~/tmp$ sudo keytool -import 
  -alias api.welocally.com 
  -keystore $JAVA_HOME/Home/lib/security/cacerts 
  -file ~/tmp/api.welocally.com.cer

About clay

Clay is the founder of welocally. Making location aware applications that help people become independent is a passion for Clay. Want to know more about him? Just ask.

View all posts by clay →

← Dealing With sharer.php

Hang’n with Octocat →

View Comments (0)
Submit A Comment

Comments are closed.

Questions? Feedback?Olark live chat software