You could use a similar pattern to what I’ve mentioned in a previous answer (for a different problem). Essentially, get hold of the default trust manager, create a second trust manager that uses your own trust store. Wrap them both in a custom trust manager implementation that delegates call to both (falling back on the … Read more
# Copy the certificate into the directory Java_home\Jre\Lib\Security # Change your directory to Java_home\Jre\Lib\Security> # Import the certificate to a trust store. keytool -import -alias ca -file somecert.cer -keystore cacerts -storepass changeit [Return] Trust this certificate: [Yes] changeit is the default truststore password
Create an SSLSocket factory yourself, and set it on the HttpsURLConnection before connecting. … HttpsURLConnection conn = (HttpsURLConnection)url.openConnection(); conn.setSSLSocketFactory(sslFactory); conn.setMethod(“POST”); … You’ll want to create one SSLSocketFactory and keep it around. Here’s a sketch of how to initialize it: /* Load the keyStore that includes self-signed cert as a “trusted” entry. */ KeyStore keyStore = … Read more
A keystore contains private keys, and the certificates with their corresponding public keys. A truststore contains certificates from other parties that you expect to communicate with, or from Certificate Authorities that you trust to identify other parties.