echo |\
openssl s_client -connect ${REMHOST}:${REMPORT} 2>&1 |\
sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' \
> <PATH_TO_CERTIFICATE>/certificate.cer |
echo |\
openssl s_client -connect ${REMHOST}:${REMPORT} 2>&1 |\
sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' \
> <PATH_TO_CERTIFICATE>/certificate.cer
weiterlesen…
keytool -keystore <PATH_TO_JRE>/lib/security/cacerts \
-import -alias certificate \
-file <PATH_TO_CERTIFICATE>/certificate.cer |
keytool -keystore <PATH_TO_JRE>/lib/security/cacerts \
-import -alias certificate \
-file <PATH_TO_CERTIFICATE>/certificate.cer
// Path to your keystore where you registred the SSL certficate
String keystorePath = "<PATH_TO_JRE>/lib/security/cacerts";
System.setProperty("javax.net.ssl.keyStore", keystorePath);
// Password of your java keystore. Default value is : changeit
System.setProperty("javax.net.ssl.keyStorePassword", "changeit"); |
// Path to your keystore where you registred the SSL certficate
String keystorePath = "<PATH_TO_JRE>/lib/security/cacerts";
System.setProperty("javax.net.ssl.keyStore", keystorePath);
// Password of your java keystore. Default value is : changeit
System.setProperty("javax.net.ssl.keyStorePassword", "changeit");
-Djavax.net.ssl.keyStore="<PATH_TO_JRE>/lib/security/cacerts"
-Djavax.net.ssl.keyStorePassword=changeit |
-Djavax.net.ssl.keyStore="<PATH_TO_JRE>/lib/security/cacerts"
-Djavax.net.ssl.keyStorePassword=changeit
weiterlesen… (inkl. LDAPS-Beispiel)
# Kette importieren
keytool -import -trustcacerts -keystore /home/xyz/config/xyz.jks \
-alias x1 -file /home/eva/config/x1.cer
keytool -import -trustcacerts -keystore /home/xyz/config/xyz.jks \
-alias r3 -file /home/eva/config/r3.cer
# Zertifikat global bereitstellen
keytool -import -trustcacerts \
-keystore /usr/lib/jvm/java-11-openjdk-amd64/lib/security/cacerts \
-alias xyz -file /home/xyz/config/xyz.cer
# Zertifikate auflisten
keytool -list -v -storepass changeit \
-keystore /usr/lib/jvm/java-11-openjdk-amd64/lib/security/cacerts
java -Djavax.net.debug=all -Djavax.net.ssl.trustStore=/home/xyz/config/xyz.jks \
-Djavax.net.ssl.trustStorePassword=$XYZ_JKS_PASS \
-cp "$XYZ_JARS" net.btmx.xyz.MainApp |
# Kette importieren
keytool -import -trustcacerts -keystore /home/xyz/config/xyz.jks \
-alias x1 -file /home/eva/config/x1.cer
keytool -import -trustcacerts -keystore /home/xyz/config/xyz.jks \
-alias r3 -file /home/eva/config/r3.cer
# Zertifikat global bereitstellen
keytool -import -trustcacerts \
-keystore /usr/lib/jvm/java-11-openjdk-amd64/lib/security/cacerts \
-alias xyz -file /home/xyz/config/xyz.cer
# Zertifikate auflisten
keytool -list -v -storepass changeit \
-keystore /usr/lib/jvm/java-11-openjdk-amd64/lib/security/cacerts
java -Djavax.net.debug=all -Djavax.net.ssl.trustStore=/home/xyz/config/xyz.jks \
-Djavax.net.ssl.trustStorePassword=$XYZ_JKS_PASS \
-cp "$XYZ_JARS" net.btmx.xyz.MainApp
Fehlermeldung
Keytool-Fehler: java.io.IOException: Integrity check failed: java.security.NoSuchAlgorithmException: Algorithm HmacPBESHA256 not available
Einfache Lösung war, das Java mit winget install Microsoft.OpenJDK.11 zu aktualisieren.