Archive

Monthly Archives: October 2014

When creating a custom SSLSocketFactory or modifing the application in any other way is not an option

This example uses a Tomcat server listing for HTTPS connections on port 8443 but should work anywhere.

Retrieve the public key:

$openssl s_client -connect localhost:8443, then create a file localhost.pem that looks like

BEGIN CERTIFICATE-----
lklkkkllklklklklllkllklkl
lklkkkllklklklklllkllklkl
lklkkkllklk
END CERTIFICATE

Import the key:

#keytool -import -alias localhost-selfsigned -keystore $JAVA_HOME/jre/lib/security/cacerts -file localhost.pem

When promted for password, write changeit

Restart JVM / Application server instance.

References: http://stackoverflow.com/questions/859111/how-do-i-accept-a-self-signed-certificate-with-a-java-httpsurlconnection