Samstag, 8. November 2014

Challenge: Certificates from the cloud - error: "Certificate was issued by an unrecognized entity"

My environment: Windows7 - JDEV 12.1.3 - MAF

When developing with MAF version 12.1.3 I came across the challenge using certificates.

The error on my app was: "Certificate was issued by an unrecognized entity"

My usecase is a MAF app consuming my REST service in the cloud... (How to consume a Rest Service - dok in German)
so I had to download/extract the certificate of the cloud environment to put it in the MAF app.

In JDEV in my MAF project under "Application Resources" and "Resources" - "Security" we can find the certificate store "cacerts".

I used OPENSSL to extract the certificate from the host in the cloud.

I had to make use of HOST:PORT which reads as follows:

in command line (on an Ubuntu/Linux machine) I had to use:

openssl s_client -connect -showcerts

I copied the certificate (between BEGIN CERTIFICATE and END CERTIFICATE inkl. the BEGINN... and END...) to a textfile, named it "new_cert" and copied it next to my "keytool", which resides in the ..[JAVA-HOME]/jdk/bin directory.
BTW: The "keytool" is used to manipulate certificates (create/copy/add/change...).
Then I also copied the "cacerts" file from JDEV MAF project to the /jdk/bin directory.
You'll find "cacerts" in the MAF project directory.
Mine reads C:\JDeveloper\mywork\JDEV12103\MyMobileApp\resources\security

So having BOTH copied to the /jdk/bin directory I started to work with the "keytool".
Command window:

keytool -importcert -keystore cacerts -file new_cert -storepass changeit -noprompt

Thats it.
The basic steps I got from Pervasync Blog posted here - thanks to him!! and thanks to Jürgen Menge for some hints!

Keine Kommentare:

Kommentar veröffentlichen