Shulou(Shulou.com)05/31 Report--

This article will explain in detail how to add WoSign root certificate to JDK. The editor thinks it is very practical, so I share it for you as a reference. I hope you can get something after reading this article.

The Chinese version of Azure uses a domestic WoSign certificate-comparable to the infamous CNNIC. Apple does not trust WoSign certificates, which is why the certificate is not trusted when accessing www.azure.cn in Mac OS. Similarly, JDK does not like this product, which leads to a "PKIX path building failed" error when calling Azure China's API with Java.

Because JDK does not use the certificate store of the Windows operating system, although Windows trusts WoSign, you still need to manually add the WoSign root certificate to JDK's trusted certificate store.

To http://www. Wosign . Com/Root/index.htm downloads the WoSign root certificate (this domain name turns out to be a forbidden word for cnblogs.)

Add the WoSign root certificate to JDK:

Keytool-keystore C:\ Java8\ jdk1.8.0_92\ jre\ lib\ security\ cacerts-importcert-alias WoSign-file C:\ Users\ hunte\ Deskto p\ WS_CA1_NEW.cer

Command format:

Keytool-keystore [JAVA_HOME directory]\ jre\ lib\ security\ cacerts-importcert-alias WoSign-file [location of WoSign root certificate file]

When you see a prompt similar to the following, the root certificate was added successfully.

If an error occurs, check to see if "% JAVA_HOME%\ bin" is included in the local PATH environment variable. In addition, try not to install JDK and JRE into the "Program Files" directory, where spaces often cause inexplicable trouble.

After the root certificate is successfully added, add a line before you need to call the Java code of Azure Chinese version of API:

System.setProperty ("javax.net.ssl.trustStore", "C:\\ Java8\ jdk1.8.0_92\\ jre\\ lib\\ security\\ cacerts")

Note here that the second parameter should be consistent with the certificate store location written earlier when adding the root certificate, and the directory-separated backslash should be escaped (\) in the Windows environment.

After going through the above steps, calling Azure Chinese version of API in Java will work properly.

This is the end of the article on "how to add WoSign root certificate to JDK". I hope the above content can be of some help to you, so that you can learn more knowledge. if you think the article is good, please share it for more people to see.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.