Updating cacerts speed dating for young professionals
You would replace it so the JVM uses the new Trust Manager, no matter what application is running.
Anyway, I still can't see the case where the certs are so often changed.
When creating a Java keystore you will first create the file that will initially only contain the private key.
You will then generate a CSR and have a certificate generated from it.
We need to have a certificate in Java's cacerts keystore for one of our servers that is authenticated by LDAP. We have successfully done this by updating the cacerts file in /usr/lib/jvm/java-6-openjdk-amd64/jre/lib/security but occasionally a Java update is installed and the cacerts file seems to be getting replaced by a default one that doesn't contain our changes.
This doesn't happen very often but it is becoming a bit of a pain when it does happen.
Generic instructions on how to make them can be found on the Windows Mobile blog.The problem is we need to do this without having to restart the JVM each time.I've been looking for a solution for a few weeks but haven't found anything, is it possible to reload the cacert file without restarting the JVM?If you really can't do that, which you really should, Java installs its own cacerts file when it updates so you will just have to cope with it.In order to have your browser or system automatically trust all certificates signed by the CAcert Certificate Authority, you must instruct your platform or browser to trust the CAcert root certificate Trusting a new Certificate Authority is a process that varies from one platform to the next, so here are some of the ways to trust the CAcert root certificates.