Server Certificates

If you want DataView to connect to an https server such as Apache SSL the server must have a "certificate" that is signed by a recognized company that charges money to do that. You can use a self signed certificate if you import it into the java file cacerts using the "keystore" utility that comes with Java.

Here how to do it on Linux which should work for other Unix based systems.

1. Check your PATH environmental variable to see which version of Java it points to. If in doubt, try the command "which java" to see what that reports. If your version of DataView bundles a jre you can copy the cacerts file into your jre when you are done.

2. check that the file cacerts is writeable...if not: chmod u+w cacerts

IMPORTANT: crts generated by openssl may contain additional text above the line

-----BEGIN CERTIFICATE-----

The keytool won't import these crts unless you remove the text above the this. You can do this to a copy of your crt.

cd /path/to/java/jre/lib/security

$ keytool -import -alias mycrt -file /usr/local/apache/conf/ssl.crt/ssl.mydomain.com.crt -keystore cacerts
Enter keystore password:  changeit

The keytool will spit out a response similar this...

Owner: EMAILADDRESS=network@mydomain.com, CN=ssl.mydomain.com, OU=network, O=MyDomain, L=Bellingham, ST=Washington, C=US
Issuer: EMAILADDRESS=network@mydomain.com, CN=ssl.mydomain.com, OU=network, O=MyDomain, L=Bellingham, ST=Washington, C=US
Serial number: 0
Valid from: Wed Apr 14 10:56:33 PDT 2004 until: Thu Apr 14 10:56:33 PDT 2005
Certificate fingerprints:
         MD5:  AE:1B:04:FE:63:BC:96:82:47:9B:66:BD:00:89:E9:3B
         SHA1: 50:37:38:3E:78:3E:40:B5:1E:59:21:D3:4A:23:75:72:68:1F:EB:17

And then ask you...		 
		 
Trust this certificate? [no]:  yes
Certificate was added to keystore

Copy cacerts to the jre/lib/security directory of the jre you use to run DataView.