An https/SSL connection to a website requires you to accept/trust a certificate in order to proceed. When trying to make an https connection from an application/program you need to install the certificate and build a keystore in the process.

Here is the outline of the process:

1. Get the certificate :

Firefox: Add this extension to the browser
Now try accessing the address that you need the certificate from and use the extension from above to export the certificate as a *.pem file.
Internet Explorer: Try to access the address and once you get the Security Alert box click on “View Certificate” and then the “Details” tab in the new window that appears. Use the “Copy to file..” button to export the certificate.

2. If not present, create a directory named “security” in the location “%JAVA_HOME%\lib”

3. Java has a keytool utility in its bin folder. Use the following command to install/create the keystore using the file from Step 1 above.

keytool –import -alias salesforce -keystore %JAVA_HOME%\lib\security\cacerts -file “path-of-file\filename” -trustcacerts

4. The default password for the keystore is “changeit”. When prompted “Enter keystore password: “, provide the password.

5. There will now be a confirmation to to trust the certificate along with other information like the certificate fingerprints. Proceed with “yes”.

6. The confirmation message “Certificate was added to keystore” will be displayed.

7. Add the following to the run.bat file (This is for the Jboss application server in Windows)

set JAVA_OPTS=%JAVA_OPTS%\lib\security\cacerts


Technorati Tags: , , , , , , ,