How to update Java SSL Certificate



Update SSL certificates for third party application.


javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed Error?


Generally once in a year third party application certificates gets expired and can see exceptions like above. I have tried to cover few points while updating the certs.


Step 1: 
Identify which certificate has been expired or required to be updated.

Step 2:
Download certificates directly from the site, or get it from specific sources.
For example (Firefox browser), 
1) Go to third party site and click on "i" icon at the beginning of the URL. 
2) View More Info -> View Certificate Button ->  Check Period of Validity and expiry date. 
3) Go to Details Tab, and select site-domain or Certificate Hierarchy and click on Export button.
4) Save certificate (for ex. wwwgooglecom.crt) to local folder (tmp).



On windows machine:

Go to Installed Java path.

For ex. C:\Program Files\Java\jre1.8.0_121\bin>

Execute below command to import SSL.

keytool -import -alias <domain-name> -file /tmp/<domain-name>.crt

keytool -import -alias myabc.com -file /tmp/myabc.com.crt
keytool -import -alias myabc.com -file /tmp/myabc.com.cert


To Keystore:

C:\Program Files\Java\jre1.8.0_101\bin>keytool -import -alias mydomainname.com -file /tmp/mydomainname.com.crt -keystore "%JAVA_HOME%/jre/lib/security/cacerts"

Give password: changeit

On linux environment:

./keytool -import -alias <SERVER_NAME> -file /tmp/<SERVER_NAME>.cert -keystore /usr/java/jdk1.8.0_11/jre/lib/security/cacerts

or
./keytool -import -trustcacerts -alias SymantecxxxxxCA-G4 -file /tmp/SymantecxxxxxCA-G4.crt -keystore /usr/java/jdk1.8.0_12/jre/lib/security/cacerts




Comments

Post a Comment

Popular posts from this blog

SVN plugin setup in IBM RAD8 - Checkout project from SVN

Image
SVN plugin setup in RAD8 SVN is free open source version control system. SVN manages files, directories and the changes made to them, over the time. This allows users to recover older version of data/files including history details. To work on SVN files and directories, we have to configure SVN plugins into RAD. Note: There is no direct support for any third party or open source tool or plugin in Rational Application Developer 7.x or 8.x, that is not shipped or documented with the product You are advised to backup the <RAD Install dir>\<SDPnnn>\ eclipse.ini file and configuration\ folder before installing any third party plugins. This will assist with recovery if there are problems, short of re-installing RAD. Also, record into which folder the third party plugins/features/artifacts are installed. You are advised to start RAD as admin (logged in) user before installing any plugin. Follow below steps to configure SVN plugin into RAD8.x. A...
Read more

How to Upgrade Dojo in IBM WebSphere Portal v8.0

How to upgrade dojo without changing existing dojo in IBM WebSphere v8.0. IBM WebSphere Portal v8.0 provides ready-to-use dojo like v1.4.3, v1.6 and v1.7 (v1.7.2). IBM WebSphere v8.5 comes with a newer version of dojo, but to use newer version of Dojo like 1.8.x in WebSphere v8.0, there are no upgrade fixes available. The only way we can upgrade dojo is by customizing a newer dojo release.  This blog is targeted for WebSphere users but the concept can be used or leveraged by other open source technologies too. The steps described below are using IBM RAD and IBM Portal Server v8.  Following steps describes how to use customized dojo at the theme level but, can also be used at the page level. Step #1 Download Dojo Download the Dojo released version from the Dojo site.   Go to the http://download.dojotoolkit.org/release-1.8.5/ Click on dojo-release-1.8.5-src.zip and save it to a temp directory. Unzip the downloaded zip file. Step #2 Creat...
Read more

Dojo Enhanced Grid with Checkbox like radio button exmaple

There are some situations where we need to show Grid with Check box but should perform as Radio button. Below code snippet is an example of extended Dojo Enhanced Grid which shows Check-box but works as Radio button. Prerequisite : // 1. Dojo // 2. Add required dojo components like dojox/grid/EnhancedGrid used in required section. // 3. Include Enhanced grid css on jsp. Get it from dojo site. 1. JSP HTML code snippet.    <!-- Enhanced grid data placeholder --> <div id="gridData"> <div id="gridDataCP" data-dojo-type="dijit/layout/ContentPane"></div> </div> 2. JavaScript code snippet. /*************************************************************************  * Dojo Enhanced Grid implementation with checkbox,  * but achieved functionalites like single select radio button.  **************************************************************************/ /**  * Enhanced grid implementation us...
Read more