The below example involves importing a Zscaler root CA certificate into the java keystore on my Slackware installation.
1) General installation.
The certificate can be acquired from here and should be placed in /etc/ssl/certs/Zscaler-Dalzell.crt and also in /usr/local/share/ca-certificates/Zscaler-Dalzell.crt
then do sudo update-ca-certificates which regenerates /etc/ssl/certs/ca-certificates.crt
To verify, run: openssl verify -CAfile /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/Zscaler-Dalzell.crt
which should look like: /etc/ssl/certs/Zscaler-Dalzell.crt: OK
2) Java Specific
sudo keytool -import -trustcacerts -alias zscaler -file /etc/ssl/certs/Zscaler-Dalzell.crt -keystore /opt/jdk1.8.0_341/jre/lib/security/cacerts
Note: The destination, in this case '/opt/jdk1.8.0_341/jre/lib/security/cacerts' could quite equally point to a local installation, such as '/home/some_user//some_application/jre/lib/security/cacerts'
No comments:
Post a Comment
Note: only a member of this blog may post a comment.