
Thanks to this Stack Overflow post, I found I am able to add a certificate to the Java keystore in order to resolve an SSL handshake error. Although this method works, every user of my application also needs to run the commands, which seems avoidable. I do not control the certificate, so I cannot use a certificate that would be automatically widely recognized.

echo | openssl s_client -connect <host>:<port> | gsed -n '/BEGIN/,/END/p' > tmp.crt
sudo keytool -importcert -file tmp.crt -alias <alias_name> -keystore $JAVA_HOME/jre/lib/security/cacerts -storepass changeit
rm tmp.crt

I am wondering if there is a solution via Maven (or potentially another method) that allows me to fetch the certificate automatically so that other users don't have to run these commands. I could provide a bash script to "simplify" the process, but I don't want to mess with portability quirks. Even then, they'd still have to run the script manually, which I would prefer to avoid.

My project uses Spring Boot 2.0, in case it helps to know that. I'm new to Spring Boot and know it has a lot of features, but I don't think it has something to support auto-adding specific certificates.

I know Maven can be run such that all certificates are accepted, which I don't want either. Maybe there is a plugin that I could use?

I would prefer a solution that can be put into a pom.xml file as opposed to command line arguments so that I can commit my changes into a GitHub repository.

Matt
    You can do it programmatically inside your project: https://stackoverflow.com/questions/18889058/programmatically-import-ca-trust-cert-into-existing-keystore-file-without-using – Mzzl Sep 16 '19 at 17:02
  • @Mzzl Thanks for the link. It looks like that only loads a cert file already on the filesystem. Do you know how to download the cert as well? – Matt Sep 16 '19 at 17:21
  • You could probably use something like a URLConnection.getInputStream rather than a FileInputStream to fetch it from a server – Mzzl Sep 16 '19 at 17:53
  • You're barking up the wrong tree. The simple solution is to use a CA-signed certificate. – user207421 Sep 16 '19 at 21:05
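The approach Mzzl's comment points at (building the trust store inside the project rather than editing every user's cacerts) can be done with JDK classes only, which keeps it in the repository instead of in a shell script. The example below is added here and is not code from the question or its comments. It assumes the certificate has been captured once (for instance with the openssl command above), its fingerprint checked against what the service owner publishes, and the PEM committed under src/main/resources/certs/service.pem; the resource path, the class name and the https://service.example.internal URL are placeholders. Fetching the certificate from the server at runtime and trusting whatever comes back would defeat the handshake check, so the PEM is read from the classpath, never downloaded.

```java
import java.io.InputStream;
import java.net.URL;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Collection;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

/** Builds an SSLContext that trusts only the certificate(s) shipped in the repository. */
public final class PinnedTrustStore {

    /** Classpath location of the committed PEM file (assumed name, not from the original question). */
    private static final String PEM_RESOURCE = "/certs/service.pem";

    /** Parses every certificate in a PEM stream into a fresh in-memory trust store. */
    public static KeyStore trustStoreFromPem(InputStream pem) throws Exception {
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        Collection<? extends Certificate> certs = cf.generateCertificates(pem);
        if (certs.isEmpty()) {
            throw new IllegalStateException("PEM resource contains no certificates");
        }
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        ks.load(null, null); // null stream creates an empty store; $JAVA_HOME cacerts is never touched
        int n = 0;
        for (Certificate c : certs) {
            X509Certificate x = (X509Certificate) c;
            x.checkValidity(); // fail at startup with a clear error if the pinned cert has expired
            ks.setCertificateEntry("pinned-" + (n++), x);
        }
        return ks;
    }

    /** Wraps the trust store in an SSLContext; no key material, so the client side is anonymous. */
    public static SSLContext sslContextFor(KeyStore trustStore) throws Exception {
        TrustManagerFactory tmf =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trustStore);
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, tmf.getTrustManagers(), null);
        return ctx;
    }

    /** Loads the committed PEM from the classpath and builds the context from it. */
    public static SSLContext fromClasspath() throws Exception {
        try (InputStream pem = PinnedTrustStore.class.getResourceAsStream(PEM_RESOURCE)) {
            if (pem == null) {
                throw new IllegalStateException("missing classpath resource " + PEM_RESOURCE);
            }
            return sslContextFor(trustStoreFromPem(pem));
        }
    }

    public static void main(String[] args) throws Exception {
        SSLContext ctx = fromClasspath();
        // Placeholder host; only a server presenting the pinned certificate will pass the handshake.
        URL url = new URL("https://service.example.internal/health");
        HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
        conn.setSSLSocketFactory(ctx.getSocketFactory());
        System.out.println("HTTP " + conn.getResponseCode());
    }
}
```

Because the context is applied per connection rather than installed globally, the rest of the application keeps the JDK's default trust store for public sites, and the pinned trust is scoped to the one service that needs it. In a Spring Boot 2.0 project the same SSLContext can be handed to whichever HTTP client the RestTemplate is built on (for example by overriding prepareConnection in a SimpleClientHttpRequestFactory subclass, or by configuring the Apache HttpClient's SSL socket factory), and rotating the certificate becomes a normal commit that replaces the PEM file.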

0 Answers