Esh
Esh

Reputation: 856

How to integrate SSL certificates to the cacerts file in /jre/security folder?

Recently our server got upgraded to SHA-256 based SSL certificate. And from then we are facing javax.naming.CommunicationException . In order to resolve this issue i need to add/append a set of Certificate Chain into CACERTS file under the path /usr/lib/jvm/jre/lib/security of our server.

I found this link of SO which explains the steps to achieve this through a program. Can any one suggest how to add these certificate chains into the cacerts file through linux commands.

Upvotes: 2

Views: 16351

Answers (2)

George S
George S

Reputation: 640

From the linux command prompt issue the command:

/usr/lib/jvm/jre/bin/keytool -import -alias <> -file <> -keystore cacerts

That command uses the Java keystore tool to import the new cert file into the existing cacerts file. The <> is whatever you want to call the cert. The <> is the actual file you want imported.

If you are prompted for a password, the default keystore password is 'changeit'.

Repeat for each new cert file you want added.

Upvotes: 2

Forketyfork
Forketyfork

Reputation: 7810

You should use the keytool utility from the Java distribution, in your case it should be under /usr/lib/jvm/bin directory.

keytool -importcert -file your_cert_file_here \
    -keystore /usr/lib/jvm/jre/lib/security/cacerts -storepass changeit

Upvotes: 1

Related Questions