wood burning stoves 2.0*
The moose likes Security and the fly likes Adding certificates to System Trusted Certificate keystore. Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Engineering » Security
Bookmark "Adding certificates to System Trusted Certificate keystore." Watch "Adding certificates to System Trusted Certificate keystore." New topic

Adding certificates to System Trusted Certificate keystore.

Robin John
Ranch Hand

Joined: Sep 10, 2008
Posts: 270

Hi Guys,

Please take some time to read through.

I am using JAVA 5 and OS is Windows XP, IE 6. ( cannot upgrade anything )

Our application is showing us a pop-up "The web site's certificate cannot be verified. Do you want to continue?" showing the option to "Always trust content from this publisher".

When I accept and tick the checkbox and proceed, the pop-up never appears. When I open the Java Control Panel, I can see the public certificate is added to the "USER" tab in "Trusted Certificates" keystore.


1 - How can I add the certificate using the keytool to the "Trusted Certificates" under "SYSTEM" tab and not the "USER" tab, so that any user who logs on to the system should not see the pop-up. ( how can I simulate the user accepting the certificate but adding that to the SYSTEM tab)

2 - I had used the following command line

jre1.5.0_17\bin>keytool -import -alias my.alias -keystore "C:\Program Files\Java\jre1.5.0_17\lib\security\cacerts" -file "C:\KEYS\MyCer.cer" -storepass changeit

Using this command line, the certificate gets added to the Signer CA keystore under the CACERTS and I don't get a pop-up anymore, but I wanted to know if this is a secured and correct way of doing that or am I bypassing the issue or violating any security policies ?

Please respond, I need help. Thanks in Advance Guys.

Time is what we want the most, but what we use the worst. -- William Penn
Consider Paul's rocket mass heater.
subject: Adding certificates to System Trusted Certificate keystore.
Similar Threads
ssl configuration in tomcat
problem calling a remote webservice [ Algo Error]
What is Certificate and how to configure it in cacerts file...
How to make JDK trust a Certificate
Unable to find valid certification path to requested target