DEV Community

Artem
Artem

Posted on

3 2

SSL certificate for java application

A third-party service is available via https, so how can java app connect to that service?

Truststore and Keystore

Java has two places for save certificate: truststore and keystore

Truststore - for client and public key
Keystore - for private key

In our task we need a truststore

Tools

For SSL certificate use such tools like openssl and keytool from jdk

Example

First of all download certificate from third-party-service.

sudo rm -f thirdPartyCert.pem && sudo echo -n | openssl s_client -showcerts -connect third-party-service:443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > thirdPartyCert.pem
Enter fullscreen mode Exit fullscreen mode

Copy current truststore

cp $JAVA_HOME/lib/security/cacerts currentCacerts
Enter fullscreen mode Exit fullscreen mode

Import the new certificate to truststore

keytool -import -trustcacerts -keystore "currentCacerts" -alias third-party-service -file "thirdPartyCert.pem" -storepass changeit
Enter fullscreen mode Exit fullscreen mode

Check certificate

keytool -list -v -keystore currentCacerts -alias third-party-service -storepass changeit
Enter fullscreen mode Exit fullscreen mode

Use the option to add a certificate while launching your app

-Djavax.net.ssl.trustStore=mySuperCacerts
Enter fullscreen mode Exit fullscreen mode

Perfect!
Alt Text

AWS Security LIVE!

Join us for AWS Security LIVE!

Discover the future of cloud security. Tune in live for trends, tips, and solutions from AWS and AWS Partners.

Learn More

Top comments (0)

AWS Security LIVE!

Tune in for AWS Security LIVE!

Join AWS Security LIVE! for expert insights and actionable tips to protect your organization and keep security teams prepared.

Learn More

👋 Kindness is contagious

Dive into an ocean of knowledge with this thought-provoking post, revered deeply within the supportive DEV Community. Developers of all levels are welcome to join and enhance our collective intelligence.

Saying a simple "thank you" can brighten someone's day. Share your gratitude in the comments below!

On DEV, sharing ideas eases our path and fortifies our community connections. Found this helpful? Sending a quick thanks to the author can be profoundly valued.

Okay