Java SSL Helper
A set of scripts to help configuring Java to trust a self-signed SSL certificate.
This is commonly necessary in development environments and the procedure is arcane enough that I wrote these scripts to automate the process.
Obtaining the Certificate Key
Firstly you need to run the
grab-cert.sh script to obtain the certificate key:
./grab-cert.sh host > example.cert
If the host is using SSL on a non-standard port (the default is 443) you can specify it like so:
./grab-cert.sh host 1234 > example.cert
Installing and Trusting the Certificate
After this script has run you can then run the
install-cert.sh script to install and trust the certificate key:
./install-cert.sh example.cert my-key
This will attempt to install the key containing in
example.cert into your system JVM key store under the alias
my-key. Note that this requires
sudo because typically the JVM key store is in an area of the file system owned by root so you may receive a password prompt to grant sudo privileges.
Also note that the script assumes a Mac OS X based JVM which uses a key store password of
changeit, this may vary by OS and JVM (for example some installations use
changeme as a password) so you can specify the key store password like so:
./install-cert.sh example.cert my-key password
Alternatively if you don't have
sudo privileges on the system you are trying to install the key on then you can use the
install-cert-local.sh script instead which only installs the key to your local
.keystore file which will be in your home directory e.g.
./install-cert-local.sh example.cert my-key
Therefore these scripts are also licensed to you under the CC-BY-NC-SA license, please attribute Paul and myself (Rob Vesse) in any downstream projects.