Advertisement

06.02.2008 at 02:39PM PDT, ID: 23451387
[x]
Attachment Details

How to relaod the java keystore after updating the cacerts file?

Asked by jmurphy97 in ColdFusion Application Server, Java Server Pages (JSP), J2EE

Tags: Java, Internet Explorer 6-7

Hi,

I found a similar question on this site, but the solution is not what I am looking for.
I need to know if there is a way to reload the keystore/truststore while the JVM is running?  
I tried the following after adding the certificate to the cacerts file thinking it would force the JVM to reload the cacert file but its not working.

KeyStoreFile = System.getProperty("java.home")&"/lib/security/cacerts";
System.setProperty("javax.net.ssl.keyStore", KeyStoreFile);

When I open web page I get:
Error Message: peer not authenticated
Error Type: javax.net.ssl.SSLPeerUnverifiedException

When using ColdFusions <cfhttp> tag  for an SSL site I get:
Connection Failure

If I restart the JVM the JSP page and ColdFusion <cfhttp> tag work fine. I have been successful with using a Trust ALL TrustManager to accept all certificates but this is not very secure and will not be allowed in production. I also do not want to create a new keystore each time, since it is not a solution when using ColdFusions <cfhttp> tag which will fail on SSL connections unless the certificate is trusted. So that is why I am looking for a way to reload the keystore at runtime if possible and avoid having to notify users of a restart.

Thanks
Rick
Start Free Trial
[+][-]06.03.2008 at 02:42PM PDT, ID: 21704844

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]06.03.2008 at 03:19PM PDT, ID: 21705102

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]06.04.2008 at 05:23AM PDT, ID: 21709240

View this solution now by starting your 7-day free trial. Setting up your free trial is quick, easy, and secure. We will return you to this solution, unlocked, when you're done.

 

About this solution

Zones: ColdFusion Application Server, Java Server Pages (JSP), J2EE
Tags: Java, Internet Explorer 6-7
Sign Up Now!
Solution Provided By: girionis
Participating Experts: 2
Solution Grade: B
 
 
 
Loading Advertisement...
20080716-EE-VQP-32 / EE_QW_2_20070628