• 13
name

A PHP Error was encountered

Severity: Notice

Message: Undefined index: userid

Filename: views/question.php

Line Number: 191

Backtrace:

File: /home/prodcxja/public_html/questions/application/views/question.php
Line: 191
Function: _error_handler

File: /home/prodcxja/public_html/questions/application/controllers/Questions.php
Line: 433
Function: view

File: /home/prodcxja/public_html/questions/index.php
Line: 315
Function: require_once

name Punditsdkoslkdosdkoskdo

Trust non-CA certificate on RHEL 7/Java

I have a Active Directory controller with LDAPS enabled. When I want Atlassian-products (Jira, Confluence etc.) to use LDAPS towards that controller, it won't trust the certificate.

I have tried importing the CA-certificate into RHEL (using update-ca-trust), and it's imported fine. The issue then is that the CA-certificate is signed using a algorithm not supported by Java (RSASSA-PSS).

Is there a way to directly trust the server certificate (not the CA)?

Your Java Virtual Machine has a cacerts Keystore that is supposed to contain any certificate that should be trusted. Despite its name, you may place non-CA certificates in this store and they will still be trusted.

Where exactly this is located depends on your system; I haven’t fooled around much with Java on RHEL, and they like to do things strangely there. But, it is typically located in {JAVA_HOME}/jre/lib/security/cacerts. Use the java keytool to import the certificate. The password for cacerts by default is changeit.

  • 3
Reply Report

Trending Tags