Saturday, 19 March 2016

How to install and uninstall SSL certificate into JRE ?


Checking if SSL certificate already exists or not

a. Go to bin directory under JRE of your java installation
cd C:\Program Files\Java\jre6\bin

b. Run keytool to check for alias of MyFriends OREcertificate
keytool -list -v -keystore cacertsFile -alias aliasName

Example : Here, Using cacerts file under JRE Lib of Java installation
keytool -list -v -keystore "C:\ProgramFiles\Java\jre6\lib\security\cacerts" -alias userService



Deleting the existing certificate

keytool -delete -alias userService -keystore "C:\ProgramFiles\Java\jre6\lib\security\cacerts"



Installing a new SSL certficate

a. Get the certificate from the SSL site
  • Open destination URL of SSL site in browser.
    Example     : https: //shaan.service.host/crm/services/UserService?wsdl
  • Click on security button (Lock icon) in browser address bar.
  • Open certificates, go to details tab and click Copy To...
  • Download the certificate in X509 format (.cer file)

b. Provide full rights (read+write) to the cancert file under JRE
    Example File path : C:\Program Files\Java\jre6\lib\security\cacerts

c. Go to bin directory under JRE of your java installation
    cd C:\Program Files\Java\jre6\bin

d. Import the downloaded certificate into JRE
keytool -import -alias userService -file C:\Users\qldc1776\Desktop\shaan.userservice.cer -keystore "C:\Program Files\Java\jre6\lib\security\cacerts"

e. Check the certificate is installed or not


* Important information
Default password of keystore is : changeit



Linux - Install / Uninstall SSL Certificate

Check if a certificate with the same alias is already installed
/opt/sun/jdk1.5.0_17/bin/keytool -list -keystore /opt/sun/jdk1.5.0_17/jre/lib/security/cacerts | grep userService

Delete any existing certificate
/opt/sun/jdk1.5.0_17/bin/keytool -delete -alias userService -keystore /opt/sun/jdk1.5.0_17/jre/lib/security/cacerts

Install the certificate
/opt/sun/jdk1.5.0_17/bin/keytool -import -alias userService -file /tmp/shaan-userservice.cer  -keystore /opt/sun/jdk1.5.0_17/jre/lib/security/cacerts

Posted by at
Labels:

No comments:

Post a Comment

Note: only a member of this blog may post a comment.

Subscribe to: Post Comments (Atom)