pako pako - 21 days ago 5
Java Question

How to get a *.cer file to add a self-signed HTTPS certificate as trusted for Java

I'm connecting to a HTTPS website with a self-signed certificate using a Java applet. The applet can't open the HTTPS connection - it returns the following exception:

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target


So the problem is that I need to add the certificate as "trusted" for Java. I read that I should use the following command:

keytool -import -alias abc -file ABCCA.cer


Am I correct? How do I retrieve the *.cer file? The server is running Debian 5. I'm using Windows 7 and Java 6 on the client machine.

Answer

Connect to the https server with a browser and export the certificate.

With firefox is is done by double-clicking on the lock in the status bar, clicking on the button "View certificate", then in the "Details" tab, click on "Export..."