Importing SSL Certificate into Eclipse

There's a better tool for the job.

KeyStore Explorer

When you run (run as administrator in windows in order to save changes to system, sudo in linux, etc.) the application (it has installers for win/mac/linux) there's a built-in function to edit the system's cacerts file:

File -> Open Special -> Open CA Certificates

Open CA Certificates

EITHER you already have the certificate file and you can go to:

Tools -> Import Trusted Certificate

OR you need to download the certificate from the server; go to:

Examine -> Examine SSL

Examine menu

Examine SSL

From there type in the hostname and click ok. It will pop up a window showing the certificate details. At the bottom of that window there's an "Import" button that will allow you to directly import it into the cacerts.

Certificate Details for SSL Connection

Make sure you save and close cacerts, and restart your eclipse/application for the settings to take effect.


Probably you want to import a "fake" SSL cert in JRE's trustcacerts for avoiding not-a-valid-certificate issues. Isn't it?

As Jon said, you can do the job with keytool:

keytool
    -import
    -alias <provide_an_alias>
    -file <certificate_file>
    -keystore <your_path_to_jre>/lib/security/cacerts

Use "changeit" as the default password when asked (thanks Brian Clozel). Ensure to use this runtime at your server or launch configuration.


In case you have the certificate already in your Windows' certificate store (this is common in corporate/company deployments with MITM certificates), you can also use the following steps (with help from another Stackoverflow answer with more detailed explaination):

  1. Locate the eclipse.ini file in your Eclipse installation and open it

  2. Below the line -vmargs, add the following lines, then save the file:

-Djavax.net.ssl.trustStore=NUL
-Djavax.net.ssl.trustStoreType=Windows-ROOT
  1. Restart eclipse.

We need to import a certificate means we need to use :

keytool 
 -importcert 
 -file <certificate_location> 
 -keystore <jre_location\lib\security\cacerts> 
 -alias "<cert_name>"

It will ask for a password. Type the password as changeit

Type Password : changeit

finally it will ask need to add {yes/no} :

type yes.

Note: Don't give blank space in location path

Tags:

Java

Eclipse

Ssl

Ssl Certificate

Recent Posts