DEV Community πŸ‘©β€πŸ’»πŸ‘¨β€πŸ’»

DEV Community πŸ‘©β€πŸ’»πŸ‘¨β€πŸ’» is a community of 967,911 amazing developers

We're a place where coders share, stay up-to-date and grow their careers.

Create account Log in
Artem
Artem

Posted on

SSL certificate for java application

A third-party service is available via https, so how can java app connect to that service?

Truststore and Keystore

Java has two places for save certificate: truststore and keystore

Truststore - for client and public key
Keystore - for private key

In our task we need a truststore

Tools

For SSL certificate use such tools like openssl and keytool from jdk

Example

First of all download certificate from third-party-service.

sudo rm -f thirdPartyCert.pem && sudo echo -n | openssl s_client -showcerts -connect third-party-service:443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > thirdPartyCert.pem
Enter fullscreen mode Exit fullscreen mode

Copy current truststore

cp $JAVA_HOME/lib/security/cacerts currentCacerts
Enter fullscreen mode Exit fullscreen mode

Import the new certificate to truststore

keytool -import -trustcacerts -keystoreΒ "currentCacerts"Β -aliasΒ third-party-serviceΒ -fileΒ "thirdPartyCert.pem"Β -storepassΒ changeit
Enter fullscreen mode Exit fullscreen mode

Check certificate

keytool -list -v -keystore currentCacerts -alias third-party-service -storepass changeit
Enter fullscreen mode Exit fullscreen mode

Use the option to add a certificate while launching your app

-Djavax.net.ssl.trustStore=mySuperCacerts
Enter fullscreen mode Exit fullscreen mode

Perfect!
Alt Text

Top comments (0)

🌚 Browsing with dark mode makes you a better developer by a factor of exactly 40.

It's a scientific fact.