How to add server certificate into java application in eclipse
You have to add these parameters to your jvm Start up.
-Djavax.net.ssl.trustStore="<path to truststore>"
-Djavax.net.ssl.trustStorePassword=password
If you need more details about Java and SSL have a look at this.
user1714262
Updated on November 19, 2020Comments
-
user1714262 over 3 years
I've got a server application which uses:
import javax.net.ssl.SSLServerSocket; import javax.net.ssl.SSLServerSocketFactory; import javax.net.ssl.SSLSocket;
This is a java application, which is a server itself - I'm not using any virtual servers and its not a web application. It is supposed to recieve connections from client applications and handle their requests. An interlayer between client applications and a database.
On launch it does run, but keeps spamming (cause of while (true) {}) this error:
javax.net.ssl.SSLException: No available certificate or key corresponds to the SSL cipher suites which are enabled. at com.sun.net.ssl.internal.ssl.SSLServerSocketImpl.checkEnabledSuites(Unknown Source) at com.sun.net.ssl.internal.ssl.SSLServerSocketImpl.accept(Unknown Source)
So, I've looked up few SSL Certificate creation guides and made a certificate using these commands:
keytool -genkey -alias serverprivate -keystore servestore -keyalg rsa -keysize 2048 keytool -export -alias serverprivate -keystore servestore -rfc -file server.cer
And imported it to my local certificate storage, so I can test it with my client application:
keytool -import -alias trustservercert -file server.cer -keystore clienttruststore
All of this was done in my $JAVA_HOME\bin directory. I also updated my eclipse.ini file with
-vm $JAVA_HOME\bin\javaw.exe
so eclipse will use my jdk7 virtual machine to run applications.
Same time I have tried copying
server.cer
andservestore
files into both $ECLIPSE_HOME and application home directories.The result is: same error message. It doesn't stop the application from running, but it remains.
Would really appreciate some help here. What am I doing wrong? Maybe there's a cool, detailed, newbie friendly guide on creating applications with SSL, which I couldn't find?
-
user1714262 over 11 yearsAwesome, thanks! I had to change trustStore in you're solution to keyStore and now it works while I get a connection. But as soon as I send anything through the stream I shuts down saying its
unable to find valid certification path to requested target
. But at least now I know which direction to dig into :) -
user1714262 over 11 yearsThough, could you really briefly explain me the schema for a keypair ssl (I want server and client both have certificates and authorize each other) setup? Something like: keyStore and trustStore and certificate on server, trustStore and certificate on client. Will be much appreciated. Thanks.
-
dngfng over 11 yearsThere are enough resource online such as this: stilius.net/java/java_ssl.php