SSL Certificate to Java Keystore

Context

When loading web resources via a secured https connection, the website's Security Certificate must be available to the Oracle's Java Runtime Engine used by Orbit.
Oracle includes certificates from widely recognized Certificate Authorities with a significant customer base and global reach.
Orbit embeds the most recent Jre available at release of a new version.

More information about Security Certificates and Java Keystore :

Orbit Logfile Error

Following exception is printed in the Orbit logfile if a certificate is missing :

javax.net.ssl.SSLHandshakeException: 
sun.security.validator.ValidatorException: PKIX path building failed
sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Add Certificate to Java Keystore

Steps to add a certificate to the Java Keystore used by Orbit.

Download certificate from website

Browse to the secured website and download the certificate file via the browser's certificates manager.

  • File format : DER Encoded Binairy X.509 (CER)

Add certificate to Orbit's Java Keystore

From command line.

Go to Orbit's Jre bin directory.
On Windows

  • Client/Server
    <Orbit Installation Directory>/client/program/jre64/bin/
    <Orbit Installation Directory>/server/program/jre64/bin/
  • Standalone
    <Orbit Installation Directory>/program/jre/bin/

Execute following command :

keytool -import -alias <Alias> -keystore ..\lib\security\cacerts -file <File Directory>\<Filename>.cer
  • Alias : free of choice
  • Password : default, changeit, requested after prompt.

After confirmation and entering the password the message Certificate was added to keystore should be printed.

 
Last modified:: 2021/10/12 09:48