Generate CA certificates for Java

|
Programming/ Java
| Java

Generate CA certificates for Java

packages

1
2
3
# dpkg -l | grep ca-certificates
ii  ca-certificates         20190110    all     Common CA certificates
ii  ca-certificates-java    20190405    all     Common CA certificates (JKS keystore)

generate cacerts

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
storepass='changeit'
JAR=/usr/share/ca-certificates-java/ca-certificates-java.jar

rm -f /etc/ssl/certs/java/cacerts
find /etc/ssl/certs -name \*.pem | \
while read filename; do
    alias=$(basename $filename .pem | tr A-Z a-z | tr -cs a-z0-9 _)
    alias=${alias%*_}
    if [ -n "$FIXOLD" ]; then
        echo "-${alias}"
        echo "-${alias}_pem"
    fi
    echo "+${filename}"
done | \
java -Xmx64m -jar $JAR -storepass "$storepass"

results

1
2
3
4
5
6
7
8
ls -la /etc/ssl/certs/java/cacerts
sha256sum /etc/ssl/certs/java/cacerts

# ls -la /etc/ssl/certs/java/cacerts
-rw-r--r-- 1 root root 150689 2019-11-15 21:24 /etc/ssl/certs/java/cacerts

# sha256sum /etc/ssl/certs/java/cacerts
0d0041de796beaecfd8a2f859e3c642839fa9d6567d6da394fed2d001076c765  /etc/ssl/certs/java/cacerts