I am creating a Java client program that will send sensitive information to a Tomcat server. Therefore, I need to use an SSL connection so that the information is encrypted.
I need to use a self-signed, untrusted certificate, but I am having problems connecting from the Java client.
I successfully installed Tomcat 5.5 to use SSL and tested it through Firefox, which displays a warning about a self-signed certificate.
I looked at the SSL setup for Tomcat 5.5, and it says to create a keystore:
keytool -genkey -alias tomcat -keyalg RSA
Then I did the export:
keytool -export -keystore .keystore -alias tomcat -file localhost.cer
Then I imported the above certificate into the client machine:
keytool -import -alias tomcat -file localhost.cer -keystore "C:\Program Files\Java\jdk1.6.0_17\jre\lib\security\cacerts"
But when I start the client, I get:
Exception in thread "main" javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
This is the client code:
URL url = new URL("https://localhost:8443");
HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
conn.setSSLSocketFactory(sslsocketfactory);
InputStream inputstream = conn.getInputStream();
Now I just started playing with these certificates today, and I'm new to keystores, so please be patient.
Can someone explain how to export and import the certificate created in Tomcat to the client machine?
Thanks.
Marquinio