When you need to download a certificate from a site you have 2 options:
1. Hit F12 in Browser and go to Security Tab -> View Certificate and download it from there.
(this option doesn't seem to work every time, because the option to download is disabled)
or,
2. Use openssl
- download and istall openssl (http://gnuwin32.sourceforge.net/packages/openssl.htm)
- add path to environment variables (PATH=C:\Program Files (x86)\GnuWin32\bin)
- open Command Prompt window and run:
openssl s_client -connect HOST:PORT > "C:\Users\...\mycert.cert"
The mycert.cert file will be saved in the specified location.
Then if you want to import this certificate in java trusted store, run the following command:
"<JAVA_HOME>\bin\keytool" -import -v -trustcacerts -alias server-alias -file "C:\Users\...\mycert.cert" -keystore cacerts.jks -keypass changeit -storepass changeit
Note: to find JAVA_HOME run:
echo $JAVA_HOME
on Linux or
echo %JAVA_HOME%
on Windows
Source: https://serverfault.com/questions/139728/how-to-download-the-ssl-certificate-from-a-website
https://stackoverflow.com/questions/2893819/accept-servers-self-signed-ssl-certificate-in-java-client
No comments:
Post a Comment