spikesource hints'n'tips

Our Top Tags

                                       

Mailing List

Keep uptodate with the latest hints'n' tips as they are published by signing up to our mailing list.

Our RSS Feeds








Latest Linux News

20 Beautiful Dark Themes for Gnome and Ubuntu

Tuesday, 19 August 2008
Cats Who Code: "Some weeks ago, I shown you a list of 30 themes for enhancing your Gnome desktop."

OpenSolaris: a Linux Admin's View

Tuesday, 19 August 2008
Linux Format: "Sun is battling hard to break into the open source operating system world with OpenSolaris. Juliet Kemp takes it for a test-drive, sampling its unique features and seeing how it fares a

What's That They Say About Assumptions?

Tuesday, 19 August 2008
Blog of Helios: "Sometimes Linux isn't the answer."

The Brampton Factor: Analysts Fail on Open Source

Tuesday, 19 August 2008
IT Pro: "For open source software to achieve its full potential, people's perceptions must change. Yet how can that happen when open source is so woefully neglected by analysts, asks Martin Brampton."

Why Red Hat Invested In JBoss Instead Of Linux Desktops

Tuesday, 19 August 2008
The VAR Guy: "Ever wonder why Red Hat spends so much time focused on the JBoss middleware market and so little time trying to make Linux a desktop standard? The answer involves some simple but startli

Latest Digg Entries

How to import a certificate from file in Java using keytool

« H E email
posted Wednesday, 17 August 2005
If you need to import a certificate not included as part of the JRE then you can do so using the keytool utility provided as part of the JRE/JDK installation.

keytool -keystore <path to keystore> -import -file <path to certificate> -alias <alias>

Accessing https://bugzilla.mozilla.org using a default installation of JRE 1.4.2_04 is not possible without importing the Mozilla certificate or one of the certificates in the trust hierarchy (GlobalSign Root CA, GlobalSign RootSign Partners CA, or XRamp Security Services GS CA).

The first step is to get the certificate as a file. The easiest way to do this is to surf to https://bugzilla.mozilla.org/ in Internet Explorer, go to File, then Properties. On the popped up Properties you'll see a "Certificates" button in the bottom right hand side. Click on that, select the Details tab, then "Copy to File..". Follow the wizard through saving as "DER encoded binary X.509". Name your file mozilla.cer. (Alternatively if you wish to install one of the other certificates in the chain they should be downloadable from their websites.)

Now enter the following at a DOS prompt where "c:\Program Files\Java\j2re1.4.2_04" can be substituted for your own java installation path:

keytool -keystore "c:\Program Files\Java\j2re1.4.2_04\lib\security\cacerts" -import -file mozilla.cer -alias mozilla

On executing this, you'll be prompted for a password which should be "changeit" (the default). Then enter "yes" to finish.

tags:  

links: digg this    del.icio.us    technorati    


comments (6)


1. bob left...
Monday, 24 October 2005 9:41 pm

Hi, It you do not want to use command line, there is a free GUI version called KeyTool IUI, see http://yellowcat1.free.fr/index_ktl.html


2. John left...
Wednesday, 10 May 2006 8:03 pm

Thank you this solved my problem


3. Jimmy left...
Friday, 8 December 2006 2:47 am

Thanks a lot.


4. rnavarro left...
Tuesday, 4 March 2008 11:56 am

Hi, I need to know how to import a certificate froma a keystore PKCS12 to a UBER keystore. With keyToolIUI it works perfectly but I need the source code, I've used java.security.keystore but it doesn't work thks


5. dsingh283 left...
Friday, 20 June 2008 2:41 pm

c:\java\jdk1.3\jre\bin\keytool -keystore "c:\java\jdk1.3\jre\lib\security\cacerts" -import

-file entrust.cer "c:\certificate" -alias cert1

i am trying to import entrust.cert into .keystore file. am i missing something in this .


6. dsingh283 left...
Friday, 20 June 2008 3:39 pm

c:\java\jdk1.3\jre\bin\keytool -import -file "c:\certificate\entrust.cer" -keystore "c:\java\jdk1.3\jre\lib\security\cacerts" -alias cert1

  • .... Now its working.. but i am still getting. Untrusted server cert chain exception


Related Posts

How can I start a Java process and retain its process id?

Monday, 2 October 2006 2:41 P GMT
How can I start a Java process and retain its process id?

Handling different Java runtimes on a single machine

Thursday, 14 September 2006 10:48 A GMT
This entry takes a quick look at how you can best utilise different Java JVMs on the linux using a couple of techniques.

Invoking Jetty as an embedded server

Wednesday, 16 August 2006 2:24 P GMT
Ever wondered how to invoke Jetty as an embedded server? David Yu from the Jetty Mailing list recently posted a way you can do this.

How to install JMeter and use it for testing

Sunday, 11 September 2005 8:00 A GMT
Apache JMeter is a 100% pure Java desktop application designed to test performance on static/dynamic resources such as static files, Servlets, CGI scripts. JMeter can also be used to regression test application by creating test scripts.

Introduction to JVM crashes

Friday, 9 September 2005 10:33 A GMT
Things to look for when checking a JVM crash

Configuring JGroups to avoid using multicasting

Wednesday, 31 August 2005 7:54 A GMT
JGroups - the cluster library used by Jboss, uses multicasting for cluster communication. This article discusses configuration of JGroups so that it does not use multi casting.

How to import a certificate from file in Java using keytool

Wednesday, 17 August 2005 4:56 P GMT
How to import a certificate from file in Java using keytool