Import Certificates into Java Keystore

Import Certificates into Java Keystore

Objectives

Import certificates into java keystore to accept new SSL certificate handshakes.

Prerequisites

Access to application server

Ability to download certificate to be imported

Instructions

With new SHA-2 certificates being put into place, we may have the need to update the root certificates in the Java keystore to allow new certificates to be accepted. Each version of Java packages different root certificates by default and some may not store the ones that we need. This was true when Authorize.net switched to using new certificates on some of our servers.

  1. Download the certificate to be imported into keystore. These can be found on the websites of the issuing authorities.
  2. Login to the server and upload the root certificate to the root directory.
  3. Run the following command to import into keytool
    1. /usr/java/jdk1.6.0/bin/keytool -import -alias entrust_ev_ca -file entrust_ev_ca.cer -keystore /usr/java/jdk1.6.0/jre/lib/security/cacerts
      1. /usr/java/jdk1.6.0/bin/keytool - Refers to the directory where keytool can run. This will be under the JAVA_HOME directory.
      2. -import - Indicates we are importing a certificate
      3. -alias - The name we want the certificate to be refered to as
      4. -file - The name of the file to be imported. If file is located in root directory, no file location needed.
      5. -keystore - The location of the keystore. This will be under the JAVA_HOME directory.
  4. Once the command has been run, you will receve a success message. You can check that the root certificate was installed by looking at the list by running the following command to see the contents of the keystore.
    1. /usr/java/jdk1.6.0/bin/keytool -v -list -keystore /usr/java/jdk1.6.0/jre/lib/security/cacerts | less

 


    • Related Articles

    • Remote Deployment Process - Java

      Deployment Process Determine if a valid argument has been passed in Only continue if downloadOnly, postDownload, fullDeployment, handleSuccess, checkHash, verifyApplications passed through. Lock file to stop deployment from running more than once ...

    • Import Mid-Month Usage Information

      Import Mid-Month Usage Information Objectives Import usage from previous point of sale system to allow for a mid-month go-live date. Communities may also have staggered meal plan start dates that require loading in usage for some residents regardless ...

    • Run Remote Deployment Process - Java

      Remote Server Configuration This has already been completed for all existing remote servers. Java 1.8 installed Tomcat located at /srv/tomcat XE database installed and running with fc_obj_owner user Directory /home/deployment exists Database backup ...

    • Copy Certificates to Filesystems for Enterprise Networks on OS Image 7.3.1+

      Copy Certificates to Filesystems for Enterprise Networks on OS Image 7.3.1+ Objectives Copy security certificates to a FullCount filesystem so Network Manager can load them and gain network access. Prerequisites Keyboard (possibly mouse if KDS/Print ...

    • Post Central Deployment Tasks

      Post Central Deployment Tasks Objectives Complete necessary post-deployment tasks Prerequisites Access to Redmine Access to production database Access to fcadmin Access to deployment test server Instructions Send release docs Release docs are located ...