Java Keytool error after importing certificate , “

2020-01-30 02:51发布

站内问答 / Java
1675 10 4

I'm trying to connect a Java Web API via HTTPS; however, an exception is thrown:

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException

I followed these steps which I learned from online keytool & SSL cert tutorials:

  1. I copied the HTTPS URL into the browser, downloaded the SSL certificates & Installed them in the browser using Internet Explorer.

  2. Exported the certificates to a path on my computer, the certificates were saved as .cer

  3. Used the keytool's import option. The command below executed without any errors.

    keytool -import -alias downloadedCertAlias -keystore C:\path\to\my\keystore\cacerts.file -file C:\path\of\exportedCert.cer

  4. I was prompted for a password at the command prompt, which I entered then I was authenticated.

  5. The cmd window printed some certificate data & signatures and I was prompted with the question:

    Trust this certificate?

    I answered yes.

  6. The cmd prompt displayed

    Certificate was added to keystore

    However after that message, another exception was displayed:

    keytool error: java.io.FileNotFoundException: C:\Program files\...\cacerts <Access Denied>

Finally when I checked the keystore , the SSL certificate was not added and my application gives the same exception I was getting earlier when trying to connect:

(javax.net.ssl.SSLHandshakeException:sun.security.validator.ValidatorException)

10条回答
啃猪蹄的小仙女
2楼-- · 2020-01-30 03:18

You can give yourself permissions to fix this problem.

Right click on cacerts > choose properties > select Securit tab > Allow all permissions to all the Group and user names.

This worked for me.

查看更多
0人赞 添加讨论(0) 举报
Evening l夕情丶
3楼-- · 2020-01-30 03:20

I even run the command prompt as Administrator but it didn't work for me with the below error.

'keytool' is not recognized as an internal or external command,
 operable program or batch file.

If the path to the keytool is not in your System paths then you will need to use the full path to use the keytool, which is 

C:\Program Files\Java\jre<version>\bin

So, the command should be like

"C:\Program Files\Java\jre<version>\bin\keytool.exe" -importcert -alias certificateFileAlias -file CertificateFileName.cer -keystore cacerts

that worked for me.

查看更多
0人赞 添加讨论(0) 举报
做个烂人
4楼-- · 2020-01-30 03:20

SOLVED

  1. Just run CMD as an administrator.
  2. Make sure your using the correct truststore password
查看更多
0人赞 添加讨论(0) 举报
劫难
5楼-- · 2020-01-30 03:20

You can store orther disk or path (not C) EX : D\

C:\Program Files\Java\jre1.8.0_101\bin>keytool -genkey -alias server -keyalg RSA -keysize 2048 -keystore D:\myserver.jks -dname "CN=myserver,OU=IT-WebDev, O=TIACHOP, L=HCM, ST=0753, C=VN" && keytool -certreq -alias server -file D:\myserver.csr -keystore D:\myserver.jks

enter image description here

查看更多
0人赞 添加讨论(0) 举报
我只想做你的唯一
6楼-- · 2020-01-30 03:27

If you are using windows8:

  1. Click start button
  2. In the search box, type command prompt
  3. From the result, right-click command prompt and click Run as administrator. Then execute the keytool command.
查看更多
0人赞 添加讨论(0) 举报
闹够了就滚
7楼-- · 2020-01-30 03:29

I had the same problem under Windows and could solve it by running cmd.exe as administrator (right-click in start menu, then "Run as administrator).

查看更多
0人赞 添加讨论(0) 举报
1 2 下一页
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(4)