SyntaxFix

[java] java - path to trustStore - set property doesn't work?

I've setup a self-signed certificate to test an ssl java connection - however, it is refusing to locate the java trustStore. I've saved copies of it in /Java/jre6/lib/security in addition to the folder where the classes are compiled to (im using netbeans) and also to /java/jre6/bin none of the above appears to work, because when i run the following - trustStore = null.

public class ShowTrustStore {

    public static void main(String[] args) {

        System.setProperty("javax.net.ssl.keyStore", "keystore.jks");
        System.setProperty("javax.net.ssl.trustStrore", "cacerts.jks");
        System.setProperty("javax.net.ssl.keyStorePassword", "changeit");



        String trustStore = System.getProperty("javax.net.ssl.trustStore");
        if (trustStore == null) {
            System.out.println("javax.net.ssl.trustStore is not defined");
        } else {
            System.out.println("javax.net.ssl.trustStore = " + trustStore);
        }
    }
}

how to set the path correctly?

**********UPDATE************ Using the getFile() method and some more debug data:

package ssltest;

public class Main {

    public static void main(String[] args) {

//        System.setProperty("javax.net.ssl.keyStore", "/keystore.jks");
//        System.setProperty("javax.net.ssl.trustStrore", "/java.home/cacerts.jks");
//        System.setProperty("javax.net.ssl.keyStorePassword", "changeit");
//        System.setProperty("javax.net.ssl.trustStorePassword", "changeit");

        try {
            Main.class.getResource("trustStore.jks").getFile();
        } catch (Exception e) {
            e.printStackTrace();
        }

        String trustStore = System.getProperty("javax.net.ssl.trustStore");

        if (trustStore == null) {
            String storeLoc;
            storeLoc = System.getProperty("java.class.path");
            System.out.println("classpath: " + storeLoc);
        }

        trustStore = System.getProperty("javax.net.ssl.trustStore");
        if (trustStore == null) {
            System.out.println("javax.net.ssl.trustStore is not defined");
        } else {
            System.out.println("javax.net.ssl.trustStore = " + trustStore);
        }
    }
}

run: java.lang.NullPointerException classpath: C:\Users\Main\Documents\NetBeansProjects\sslTest\build\classes;C:\Users\Main\Documents\NetBeansProjects\sslTest\src at ssltest.Main.main(Main.java:15) javax.net.ssl.trustStore is not defined BUILD SUCCESSFUL (total time: 0 seconds)

This question is related to java ssl keystore jsse truststore

The answer is

Both

-Djavax.net.ssl.trustStore=path/to/trustStore.jks

and

System.setProperty("javax.net.ssl.trustStore", "cacerts.jks");

do the same thing and have no difference working wise. In your case you just have a typo. You have misspelled trustStore in javax.net.ssl.trustStore.

Alternatively, if using javax.net.ssl.trustStore for specifying the location of your truststore does not work ( as it did in my case for two way authentication ), you can also use SSLContextBuilder as shown in the example below. This example also includes how to create a httpclient as well to show how the SSL builder would work.

SSLContextBuilder sslcontextbuilder = SSLContexts.custom();

sslcontextbuilder.loadTrustMaterial(
            new File("C:\\path to\\truststore.jks"), //path to jks file
            "password".toCharArray(), //enters in the truststore password for use
            new TrustSelfSignedStrategy() //will trust own CA and all self-signed certs
            );

SSLContext sslcontext = sslcontextbuilder.build(); //load trust store

SSLConnectionSocketFactory sslsockfac = new SSLConnectionSocketFactory(sslcontext,new String[] { "TLSv1" },null,SSLConnectionSocketFactory.getDefaultHostnameVerifier());

CloseableHttpClient httpclient = HttpClients.custom().setSSLSocketFactory(sslsockfac).build(); //sets up a httpclient for use with ssl socket factory 



try { 
        HttpGet httpget = new HttpGet("https://localhost:8443"); //I had a tomcat server running on localhost which required the client to have their trust cert

        System.out.println("Executing request " + httpget.getRequestLine());

        CloseableHttpResponse response = httpclient.execute(httpget);
        try {
            HttpEntity entity = response.getEntity();

            System.out.println("----------------------------------------");
            System.out.println(response.getStatusLine());

            EntityUtils.consume(entity);
        } finally {
            response.close();
        }
    } finally {
        httpclient.close();
    }

Looks like you have a typo -- "trustStrore" should be "trustStore", i.e.

System.setProperty("javax.net.ssl.trustStrore", "cacerts.jks");

should be:

System.setProperty("javax.net.ssl.trustStore", "cacerts.jks");

Source: Stackoverflow.com

Examples related to java

Under what circumstances can I call findViewById with an Options Menu / Action Bar item? How much should a function trust another function How to implement a simple scenario the OO way Two constructors How do I get some variable from another class in Java? this in equals method How to split a string in two and store it in a field How to do perspective fixing? String index out of range: 4 My eclipse won't open, i download the bundle pack it keeps saying error log

Examples related to ssl

Requests (Caused by SSLError("Can't connect to HTTPS URL because the SSL module is not available.") Error in PyCharm requesting website A fatal error occurred while creating a TLS client credential. The internal error state is 10013 curl: (35) error:1408F10B:SSL routines:ssl3_get_record:wrong version number How to install OpenSSL in windows 10? ssl.SSLError: tlsv1 alert protocol version Invalid self signed SSL cert - "Subject Alternative Name Missing" "SSL certificate verify failed" using pip to install packages ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:749) Powershell Invoke-WebRequest Fails with SSL/TLS Secure Channel "ssl module in Python is not available" when installing package with pip3

Examples related to keystore

What is difference between cacerts and keystore? Where is debug.keystore in Android Studio keytool error Keystore was tampered with, or password was incorrect How to add certificate chain to keystore? Default keystore file does not exist? How to list the certificates stored in a PKCS12 keystore with keytool? How to check certificate name and alias in keystore files? How to properly import a selfsigned certificate into Java keystore that is available to all Java applications by default? What certificates are trusted in truststore? Difference between .keystore file and .jks file

Examples related to jsse

javax.net.ssl.SSLException: Received fatal alert: protocol_version Keystore type: which one to use? java - path to trustStore - set property doesn't work? Java client certificates over HTTPS/SSL How can I use different certificates on specific connections? scp via java

Examples related to truststore

Specifying trust store information in spring boot application.properties What certificates are trusted in truststore? java - path to trustStore - set property doesn't work? How can I use different certificates on specific connections? Digital Certificate: How to import .cer file in to .truststore file using? Truststore and Keystore Definitions

Tags

Solid-state-drive Ampl Wkhtmltopdf Platform-independence Cache-control Createprocess Testng Zend-route Liveconnect Phrases Chaco Gprs Datecreated Control-array Ravendb Threadpool Pdf-parsing Location-provider Threadcontext Heterogeneous Stun Healthvault Payflowpro Futex Configuration-files Screen-grab Renderpartial Smartpart Data-generation Variable-length Httplistenerrequest String-to-datetime Nswindowcontroller Accessorytype Sun Wxerlang Datejs Telerik-mvc Ilog Html-agility-pack Calculus Narc Tablemodel Buildout Editcontrol Ocsp Cod Stable-marriage Desktop-shortcut Assembly.load Time-format Writing Rich-media Enscript Ceil Kdelibs Pagefile Xbap Winpcap Aspmenu Soql Spartan Cryptoapi Html-manipulation Cl.exe Gridview-sorting Wcftestclient Data-presentation Vhd Murky Entitykey Sse3 Geomap Package-managers Query-builder Shellexecute Yank Voldemort Rman Msbuildextensionpack Twitter-gem Contract-first Email-spam Common-code Formal-methods Facebook-fql Inspection Smali Smtp-auth Power-series Virtualpathprovider Lemon Simpleworkerrequest Javapos Namespace-organisation Database-management Sha Coordinate-systems Inclusion Mel