Managing SSL certificates for various JVMs on Debian Squeeze
Mon, 2012.04.02 - 10:57 — müzso
In case of the Sun/Oracle JVM (JRE/JDK) the SSL certificates are store in this keystore:
Eg.
As you can see from the example, the default keystore password is "changeit".
To verify whether the certificate is actually in the keystore:
If you use OpenJDK, it's quite a bit different though. Install the
/etc/java-6-sun/security/cacerts. To update it, use the keytool utility that comes with the JRE/JDK.Eg.
keytool -importcert -alias mycacert -file mycacert.pem -trustcacerts -noprompt -storepass changeit -keystore /etc/java-6-sun/security/cacertsAs you can see from the example, the default keystore password is "changeit".
To verify whether the certificate is actually in the keystore:
keytool -list -alias mycacert -noprompt -storepass changeit -keystore /etc/java-6-sun/security/cacertsIf you use OpenJDK, it's quite a bit different though. Install the
ca-certificates-java package, put your certificate file into /usr/local/share/ca-certificates with a .crt extension and run update-ca-certificates. The keystore to check/verify is this time here: /etc/ssl/certs/java/cacerts.
All of my own contents here (if not noted otherwise) are licensed under the
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 License. My posts reflect my personal opinion and shall not be associated with any of my employers.
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 License. My posts reflect my personal opinion and shall not be associated with any of my employers.
Recent comments
1 year 42 weeks ago
3 years 11 weeks ago
3 years 11 weeks ago
3 years 13 weeks ago
3 years 14 weeks ago
3 years 21 weeks ago
3 years 21 weeks ago
3 years 21 weeks ago
3 years 21 weeks ago
3 years 22 weeks ago