0

Suppose that I am trying to access an URL from eclipse plugin that uses a SSL certificate. The JRE used by eclipse is readonly. As admin user I am usually running following to add the SSL certificate from the URL.

keytool -import -alias <myName> -file <path/tocertificate> ..

But if regular users are not allowed to run the keytool, is there any other way to allow from java to access a URL address with certificates. Except for this solution that completely disables SSL checking.

Thank you Lidia

Lidia
  • 415
  • 1
  • 4
  • 21
  • The certificate would be stored in the keystore after running the keytool - other users would not have to use the keytool. The JRE would check for the certificate in the keystore at runtime so other users should have access to the URL after the certificate is imported – blurfus Feb 24 '20 at 22:03
  • No, I mean, I am not allowed to store the certificate into keystore , using keytool now, as the jre used is readonly. I have seen something similar on CodeCollaborator plugin for eclipse. It asks at start-up to accept the certificate and it is stored somewhere else. As the keytool from jre is readonly. I don't know how they implemented it, I just see that there should be such way. – Lidia Feb 24 '20 at 22:36
  • the JRE is ready only (makes sense) but the keystore is not (at least it does not have to be) since that's how you store certs in it. Even if it was read only, you run the keytool once (with the correct permissions), store the cert and then it would be readable for other users. – blurfus Feb 24 '20 at 22:38

0 Answers0