This content originally appeared on DEV Community and was authored by Artem
A third-party service is available via https, so how can java app connect to that service?
Truststore and Keystore
Java has two places for save certificate: truststore and keystore
Truststore - for client and public key
Keystore - for private key
In our task we need a truststore
Tools
For SSL certificate use such tools like openssl and keytool from jdk
Example
First of all download certificate from third-party-service.
sudo rm -f thirdPartyCert.pem && sudo echo -n | openssl s_client -showcerts -connect third-party-service:443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > thirdPartyCert.pem
Copy current truststore
cp $JAVA_HOME/lib/security/cacerts currentCacerts
Import the new certificate to truststore
keytool -import -trustcacerts -keystore "currentCacerts" -alias third-party-service -file "thirdPartyCert.pem" -storepass changeit
Check certificate
keytool -list -v -keystore currentCacerts -alias third-party-service -storepass changeit
Use the option to add a certificate while launching your app
-Djavax.net.ssl.trustStore=mySuperCacerts
Perfect!
This content originally appeared on DEV Community and was authored by Artem
Artem | Sciencx (2021-04-28T19:50:41+00:00) SSL certificate for java application. Retrieved from https://www.scien.cx/2021/04/28/ssl-certificate-for-java-application/
Please log in to upload a file.
There are no updates yet.
Click the Upload button above to add an update.