Silent import Java Certificate
I've got a problem with importing a Java certificate silently.
I've packaged Swift Alliance Webstation and this program got a "not signed" certificate.
When starting the program Java comes with the question to trust this program for every site.
Then click yes and go to Java Certificates (Control Panel). Now there's a Certificate that can be exported...
My question is: How do I export this certificate silently with the keytool from Java?
I found the following line on the Sun forum, but it won't show me the certificate in the GUI under the trusted certificates...
"%JREPATH%bin\keytool.exe" -import -v -noprompt -file "%Path to your certificate%" -keystore "%JREPATH%lib\security\cacerts" -alias %certificate alias name% -storepass changeit -storetype JKS
I've packaged Swift Alliance Webstation and this program got a "not signed" certificate.
When starting the program Java comes with the question to trust this program for every site.
Then click yes and go to Java Certificates (Control Panel). Now there's a Certificate that can be exported...
My question is: How do I export this certificate silently with the keytool from Java?
I found the following line on the Sun forum, but it won't show me the certificate in the GUI under the trusted certificates...
"%JREPATH%bin\keytool.exe" -import -v -noprompt -file "%Path to your certificate%" -keystore "%JREPATH%lib\security\cacerts" -alias %certificate alias name% -storepass changeit -storetype JKS
0 Comments
[ + ] Show comments
Answers (2)
Please log in to answer
Posted by:
yoshi
14 years ago
Realize this is old but thought I'd post for others - you got me on the right track... the following worked per user with 1.6.0_20
I installed the Java App, went into the Java control panel and exported the certificate, then removed it to test. Also tested on other machines running XP Pro SP3.
C:\Program Files\Java\jre6\bin>
keytool -importcert -file "exported-certificate" -keystore "c:\documents and settings\%USERNAME%\application data\sun\java\deployment\security\trusted.certs" -storepass "" -noprompt
I installed the Java App, went into the Java control panel and exported the certificate, then removed it to test. Also tested on other machines running XP Pro SP3.
C:\Program Files\Java\jre6\bin>
keytool -importcert -file "exported-certificate" -keystore "c:\documents and settings\%USERNAME%\application data\sun\java\deployment\security\trusted.certs" -storepass "" -noprompt
Comments:
-
Thanks, this worked perfectly. - andyviar 11 years ago
Posted by:
pjbaars
15 years ago
I got the same problem with packaging of a Nortel VPN Client.
Using CertMgr.exe is what I did.
First I installed the vendor setup on a clean packaging machine. Then via the MMC snapin "Certificates" I was able to locate the certificate and export it to a cer-file.
After that I placed the cer-file in my package and with a CustomAction I used CertMgr.exe to import it on the pc. In my case I had to import the certificate in the Trusted Publishers keystore so commandline in my CustomAction is:
"CertMgr.exe -add NortelCertificate.cer -d -r localMachine trustedpublisher"
I placed the CustomAction in ExecuteDeferred right before the CustomAction of the vendor which installs the driver.
Hope this will help.
Grtz,
Peter Baars
Using CertMgr.exe is what I did.
First I installed the vendor setup on a clean packaging machine. Then via the MMC snapin "Certificates" I was able to locate the certificate and export it to a cer-file.
After that I placed the cer-file in my package and with a CustomAction I used CertMgr.exe to import it on the pc. In my case I had to import the certificate in the Trusted Publishers keystore so commandline in my CustomAction is:
"CertMgr.exe -add NortelCertificate.cer -d -r localMachine trustedpublisher"
I placed the CustomAction in ExecuteDeferred right before the CustomAction of the vendor which installs the driver.
Hope this will help.
Grtz,
Peter Baars
Rating comments in this legacy AppDeploy message board thread won't reorder them,
so that the conversation will remain readable.
so that the conversation will remain readable.