HTTPS for Java

The following section provides steps to configure the JAVA keystore on a Java client machine (for example: DataView Importer service). This allows a JAVA application to connect to the secured InfoPlatform service.
  1. Generate the SSL certificate.
  2. Import the certificate.
  • In Windows System:
    1. Verify the location of Java runtime environment.
      Environment Variables
    2. Copy the certificate and paste in the following location (based on the JAVA_HOME set in environment variable shown above):
      C:\Program Files\AdoptOpenJDK\jdk-11.0.5.10-hotspot
    NOTE:
    The JDK path may change based on the Java version used in DataView, ensure that the certificates are copied into correct
    <Java_Install_Directory>\lib\security
    path.
    InfoPlatform Certificate
    1. Execute the following command with administrative privileges:
      keytool -import -alias <fully-qualified-domain-name> -keystore cacerts -file <certificate>.cer
    2. When prompted enter the password, the default password is “changeit”
      Import Certificate
  • In Linux System:
    1. Copy the certificate and paste in the following location:
      /usr/lib/jvm/adoptopenjdk-11-hotspot/lib/security
      NOTE:
      The JDK path may change based on the Java version used in DataView, ensure that the certificates are copied into correct
      <Java_Install_Directory>/lib/security
       path.
      InfoPlatform Certificate
    2. Execute the following command with root privileges:
      keytool -import -alias <fully-qualified-domain-name> -keystore cacerts -file <certificate>.cer
    3. When prompted enter the password, the default password is “changeit”
      Import Certificate
    1. In the Java client, use the “Issued To” name for the SSL certificate in the https: url
      NOTE:
      The "Issued To" field indicates the name of the host machine to which the certificate applies.
  • Possible Errors:
    1. Error executing request:
       sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification. This is sometimes caused because the certificate has not been added to the java keystore correctly.
      NOTE:
      Add the certificate of a remote server into the client’s keystore as well in order for java clients to get signalr over ssl This entails copying the exported cer file from the server onto the client and running the keytool command for it.
    2. HubConnection - Error: java.lang.Exception:
      The fully qualified name is not a valid property. The fully qualified name for the tag may not exist on the server.
Provide Feedback
Have questions or feedback about this documentation? Please submit your feedback here.