Reputation: 54015
How to make Java "trust" an expired certificate?
I have a CA-signed, but long expired code signing certificate in use for a JWS-deployed web application.
When I launch this app, I get a warning prompt asking whether I trust this publisher. When I agree, in Java control panel I can see the certificate in Security tab.
How can I achieve the same effect programmatically (from command line)? keytool -import does not seem to do the trick.
Upvotes: 4
Views: 9801
Answers (1)
Reputation: 12700
The portecle program is a great little tool for doing things which you can otherwise only do using the API. You can get it here: http://portecle.sourceforge.net/
On Windows Vista/7 you must run the program as administrator if you want to import a certificate into cacerts. I do this by running command prompt as administrator, then running the portecle.bat file.
The cacerts file is located here: $JAVA_HOME/lib/security/cacerts
Press CTRL-O to open a keystore file. The password for cacerts is changeit
Don't forget to save after you import your certificate.
Upvotes: 2
Related Questions
- Java trustmanager behavior on expired certificates
- java - ignore expired ssl certificate
- Make a connection to a HTTPS server from Java and ignore the validity of the security certificate
- Trusting an expired self-signed certificate while calling a webservice
- How to check if Java Web Start app will continue working after certificate expires
- Enable Java to permit expired certificate
- How to manage certificate renewal with Java Webstart application
- How can I use an old java applet with an expired certificate?
- Expired certificate for Java Web Start
- Java SSL/TLS ignore expired cert? (java.security.cert.CertPathValidatorException: timestamp check failed)