• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Adding certificates to System Trusted Certificate keystore.

 
Ranch Hand
Posts: 281
Eclipse IDE Java Windows
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi Guys,

Please take some time to read through.

I am using JAVA 5 and OS is Windows XP, IE 6. ( cannot upgrade anything )

Our application is showing us a pop-up "The web site's certificate cannot be verified. Do you want to continue?" showing the option to "Always trust content from this publisher".

When I accept and tick the checkbox and proceed, the pop-up never appears. When I open the Java Control Panel, I can see the public certificate is added to the "USER" tab in "Trusted Certificates" keystore.

Question:

1 - How can I add the certificate using the keytool to the "Trusted Certificates" under "SYSTEM" tab and not the "USER" tab, so that any user who logs on to the system should not see the pop-up. ( how can I simulate the user accepting the certificate but adding that to the SYSTEM tab)

2 - I had used the following command line

jre1.5.0_17\bin>keytool -import -alias my.alias -keystore "C:\Program Files\Java\jre1.5.0_17\lib\security\cacerts" -file "C:\KEYS\MyCer.cer" -storepass changeit

Using this command line, the certificate gets added to the Signer CA keystore under the CACERTS and I don't get a pop-up anymore, but I wanted to know if this is a secured and correct way of doing that or am I bypassing the issue or violating any security policies ?

Please respond, I need help. Thanks in Advance Guys.


 
reply
    Bookmark Topic Watch Topic
  • New Topic