How to configure trustStore for javax.net.ssl.trustStore on windows?
Actually all you need to do is use Windows-ROOT
as trustStoreType
. This will use built-in certificates so if anything works in your browser then it should work.
- Add to VM options:
-Djavax.net.ssl.trustStoreType=Windows-ROOT
-Djavax.net.ssl.trustStore=C:\\Windows\\win.ini
- Restart the server.
Note! Probably any readable file can be used as a trustStore
path. It's not really used.
You can also use Windows-MY
instead so:
-Djavax.net.ssl.trustStoreType=Windows-MY
See also: https://github.com/gradle/gradle/issues/6584#issuecomment-431862413.
You should first check what certificate server is sending you.To do it:
- Turn on ssl debug: -Djavax.net.debug=all
- Find the following lines in log: *** Certificate chain ...
- Find who the issuer of certificate
- Add issuer certificate to some trust store (actually if you receive cert. chain you can add root certificate)
- Rerun with -Djavax.net.ssl.trustStore=path/to/new/truststore and -Djava.net.ssl.trustStorePassword=...
BTW:
- You don't need to explicitly specify java trust store
- every setting of same system property overrides previous value
- you have strange line: DEBUG: trying to connect to host "10.53.151.183", port 143, isSSL false