Skip to content
Branch: master
Go to file

Latest commit

cshtdd committed d35e4c1 Jun 12, 2020
* Add a quiet option to assume the first certificate

* Zero is the first certificate

* Add  a log line to indicate the --quiet behavior

* No need for this. Default integers are zero

* Compile before pushing


Failed to load latest commit information.


Java program written by Andreas Sterbenz, and posted on a blog in Oct, 2006:

Link to Java program in Andreas' blog no longer works, but the source was linked in another blog:

Need to compile, first:

Note: since java 11, you can run it directly without compiling it first:
java --source 11 <args>

# Access server, and retrieve certificate (accept default certificate 1)
java InstallCert [--proxy=proxyHost:proxyPort] <host>[:port] [passphrase]

# Extract certificate from created jssecacerts keystore
keytool -exportcert -alias [host]-1 -keystore jssecacerts -storepass changeit -file [host].cer

# Import certificate into system keystore
keytool -importcert -alias [host] -keystore [path to system keystore] -storepass changeit -file [host].cer

# Example:
java InstallCert

    Loading KeyStore /usr/lib/jvm/java-6-sun-
    Opening connection to
    Starting SSL handshake... PKIX path building failed: unable to find valid certification path to requested target


    Server sent 1 certificate(s):

     1 Subject O=Woot Inc, C=US, ST=Texas, L=Carrollton, CN=*
       Issuer  CN=SecureTrust CA, O=SecureTrust Corporation, C=US
       sha1    4b 46 ca 6b 83 05 b3 51 ff c6 e7 9c fd b3 9b e3 3f 2e c4 53 
       md5     e8 a5 88 1b d5 67 bb fc 88 cc b1 c5 2b ac c4 7d 

    Enter certificate to add to trusted keystore or 'q' to quit: [1]


      Version: V3
      Subject: O=Woot Inc, C=US, ST=Texas, L=Carrollton, CN=*
      Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5


    Added certificate to keystore 'jssecacerts' using alias ''

keytool -exportcert -alias -keystore jssecacerts -storepass changeit -file

    Certificate stored in file <>
(sudo) keytool -importcert -alias -keystore /usr/lib/jvm/java-6-sun- -storepass changeit -file

    Owner: O=Woot Inc, C=US, ST=Texas, L=Carrollton, CN=*
    Issuer: CN=SecureTrust CA, O=SecureTrust Corporation, C=US
    Trust this certificate? [no]:

    Certificate was added to keystore


Java program to retrieve server certificate that can be added to local keystore



No releases published


You can’t perform that action at this time.