将Windows证书导入Java [英] Import Windows certificates to Java

问题描述

我有一个java服务器试图通过SSL连接到外部Ldap服务器（作为客户端以执行查询）。

I have a java server that is trying to connect to an external Ldap server through SSL (as a client in order to perform queries).

我有连接有问题，因为他们在连接时发送给我的证书只在我的本地Windows Truststore中受信任，但在java truststore（cacerts）中不存在。

I'm having trouble connecting since the certificate they send me upon connecting is trusted only in my local windows Truststore but is not present in java truststore (cacerts).

有没有办法告诉我Java可以信任Windows可以信任的任何证书吗？

Is there a way to tell Java to trust any certificate that windows would have trust?

或者，有没有办法将所有可信证书从windows truststore导入Java的cacerts？

Or, alternatively, is there a way to import all trusted certificates from windows truststore to Java's cacerts?

任何想法都会受到赞赏。

Any idea would be appreciated.

推荐答案

有没有办法告诉Java信任windows可信任的任​​何证书？

Is there a way to tell Java to trust any certificate that windows would have trust?

不，你必须在 jre / lib / security / cacerts 或设置自己的信任库：

No, you have to use the JVM default at jre/lib/security/cacerts or set your own truststore:

System.setProperty ("javax.net.ssl.trustStore", path_to_your_trustore_jks_file);
System.setProperty ("javax.net.ssl.trustStorePassword", "password");

有没有办法将所有受信任的证书从windows truststore导入到Java的cacerts？

is there a way to import all trusted certificates from windows truststore to Java's cacerts?

没有任何自动过程，但您可以构建一个程序从Windows证书库中提取受信任的权限并导入到配置为在您的应用程序中使用的信任库（不建议修改cacerts）

There is no any automatic process, but you could build a program to extract trusted authorities from windows certificate store and import into a truststore configured to use in your application (modifying cacerts is not recommended)

//Read Windows truststore
KeyStore ks = KeyStore.getInstance("Windows-ROOT ");
ks.load(null, null) ;

这篇关于将Windows证书导入Java的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！