views:

181

answers:

1

I'm connecting to a HTTPS website with a self-signed certificate using a Java applet. The applet can't open the HTTPS connection - it returns the following exception:

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

So the problem is that I need to add the certificate as "trusted" for Java. I read that I should use the following command:

keytool -import -alias abc -file ABCCA.cer

Am I correct? How do I retrieve the *.cer file? The server is running Debian 5. I'm using Windows 7 and Java 6 on the client machine.

+1  A: 

Connect to the https server with a browser and export the certificate.

With firefox is is done by double-clicking on the lock in the status bar, clicking on the button "View certificate", then in the "Details" tab, click on "Export..."

Maurice Perry
The exported file has *.crt extension. Should I just change it to *.cer? Would it be compatible with Java?
pako
keytool should undertand it. Otherwise, try the .der or .pem format.
Maurice Perry