IBM FileNet P8, Version 5.2            

Downloading and importing certificates

If you are using a Java™ applet, such as Search Designer, in an SSL environment, you might experience an SSLHandshakeException because the appropriate certificate does not exist on your computer. Use the following procedure to download a certificate, and then import the certificate into your Java plug-in keystore.

To download and import a certificate:

  1. Log in to your application in Internet Explorer, and open one of the Java applets, such as Search Designer or Image Viewer.
  2. Do one of the following:
    Option Description
    Internet Explorer 6 At the Security Alert dialog or Certificate Error alert, click View Certificate. (You can also click the SSL security icon to locate the View Certificate option.)
    Internet Explorer 7 and 8
    1. Click the X on the Certificate Error to the right of the URL address field.
    2. On the warning dialog, click View certificates.
  3. On the Details tab of the Certificate dialog, click Copy to File. This starts the Certificate Export wizard.
  4. Follow the instructions in the wizard to export the certificate to a file. Use the following information when prompted for information by the wizard:
    • Export File Format: Use the default selected by the wizard.
    • File to Export: Choose any location and name for the export file.
  5. When the wizard is finished and you have closed the related dialog boxes, locate the plug-in trust keystore file. The file is named cacerts, and is located in the \lib\security subfolder where JRE is installed; for example, C:\Program Files\Java\jre\lib\security.
    Tip: You can use the Windows search function to look for cacerts.
  6. Open a command window and navigate to the folder where the cacerts file is located.
  7. Enter the following command at the command line to run the JRE keytool utility. This imports the certificate. Once imported, you should be able to run the Java applets without an SSLHandshakeException.
    ..\..\bin\keytool -import -file "<export_file_name>" 
     -alias <alias> -keystore cacerts -storepass <password>

    where:

    export_file_name is the full path and file name of the file you exported above. alias is a unique name identifying the keystore entry. password is the keystore password. The default password is changeit.



Feedback

Last updated: March 2013
wp_basics_first_jre002.htm

© Copyright IBM Corporation 2013.
This information center is powered by Eclipse technology. (http://www.eclipse.org)