I have a server with a self signed certificate, but also requires client side cert authentication. I am having a rough time trying to get the raw CA server cert so I can import it into a keystore. Anyone have some suggestions on how to easily do that? Thanks.
+1
A:
You can export a certificate using Firefox, this site has instructions. Then you use keytool to add the certificate.
Jon Freedman
2010-09-10 14:50:19
A:
I once struggled quite some time with something like this and decided to write a blog post. I hope nobody objects to me posting a link.
musiKk
2010-09-10 15:08:11
Nice discussion, unfortunately it doesn't appear to answer the question the OP was asking.
GregS
2010-09-11 12:35:35
Looking at the other answers I think it does. But I'm not really sure, the question is a bit vague.
musiKk
2010-09-11 12:57:17
A:
There were a few ways I found to do this:
Firefox: Add Exception -> Get Certificat -> View -> Details -> Export...
KeyMan (http://www.alphaworks.ibm.com/tech/keyman) You can get SSL cert directly from the File -> Import menu
InstallCert (http://blogs.sun.com/andreas/entry/no_more_unable_to_find)
java InstallCert [host]:[port]
keytool -exportcert -keystore jssecacerts -storepass changeit -file output.cert
keytool -importcert -keystore [DESTINATION_KEYSTORE] -file output.cert
wuntee
2010-09-10 15:41:01
I've used Andreas Sterbenz's InstallCert class before too, its useful if you need a certificate for a host which doesn't accept HTTP GET requests
Jon Freedman
2010-09-10 15:53:48