Mischiefblog
I make apps for other people

HTTPS and self-signed certificates in Java

Posted by Chris Jones
On November 13th, 2015 at 07:02

Permalink | Trackback | Links In |

Comments Off on HTTPS and self-signed certificates in Java
Posted in Java
  1. You need a copy of the self-signed server certificate, typically an arm file.
  2. You need to add this certificate to a Java truststore (keystore)

        keytool -import -trustcacerts -file cert.arm -keystore clienttrust.jks

    Make a note about the password. You’ll be including it in the startup script so don’t reuse a personal password.

  3. Modify startup script to look to the truststore (with the password you set in the previous step)

        java -classpath ".:lib/*" $JVM_ARGS -Dlog4j.configuration=config/log4j.xml \
        -Djavax.net.ssl.trustStore=/path/clienttrust.jks -Djavax.net.ssl.trustStorePassword=password \
        -Djavax.net.ssl.trustStoreType=jks \
        com.company.path.ClassName "$@"

Troubleshooting

If you’re having HTTPS connection problems, add the following parameter to your startup script’s java command line:

    -Djavax.net.debug=ssl

Comments are closed.