Installation of certificate for Java Runtime: הבדלים בין גרסאות בדף

מתוך ויקי נטפרי
קפיצה לניווט קפיצה לחיפוש
(ניסוח)
מ (fix: use {{he}} for link to hebrew page instead of {{en}} (דרך WP:JWB))
 
(6 גרסאות ביניים של 2 משתמשים אינן מוצגות)
שורה 1: שורה 1:
{{עמוד בעברית|התקנת תעודה עבור Java}}
+
{{he|התקנת תעודה עבור Java}}
<div lang="en" dir="ltr" class="mw-content-ltr">
 
{{קישור אנגלית לתצוגת קריאה}}
 
 
{{Navigation|Security certificate}}
 
{{Navigation|Security certificate}}
  
'''Update: as of 3 May 2019, a [[Standard certificate installer|new certificate installation software]] was released, the new software automatically installs the certificate also in JAVA running environment.'''
+
'''Update: as of 3 May 2019, a [[Standard certificate installer|new certificate installation software]] was released, the new software automatically installs the certificate also in Java Runtime Environment.'''
===Java Runtime Environment===
 
The Java Runtime does not use the OS certificate store, but instead maintains it's own trusted certificate store. In order for Java based programs (e. g. Eclipse IDE) to be able to access secure sites, it is necessary to install the certificate into the Java certificate store.
 
  
Download the NetFree Security certificate from. http://netfree.link/netfree-ca.crt
+
==Java Runtime Environment==
 +
The Java Runtime does not use the OS certificate store, but instead maintains it's own trusted certificate store. In order for Java based programs (e. g. Eclipse IDE) to be able to access secure sites, It is necessary to install a security certificate for Java separately using the dedicated tool that comes as part of the JVM.
  
Then run the following command in an elevated command prompt<ref>The Security certificate must be stored in the same folder as keytool, otherwise in the command you must change the parameter "netfree-ca.crt" to the full path of the certificate.</ref>:
+
Download the NetFree Security certificate from. https://netfree.link/netfree-ca.crt
  
<pre>
+
On windows systems, in case you have installed the security certificate installer, the certificate already exists in the following location:
keytool -import -trustcacerts -alias netfree-ca -file netfree-ca.crt -keystore "%JAVA_HOME%"/jre/lib/security/cacerts -storepass changeit
+
 
</pre>
+
%ProgramData%\NetFree\CA\netfree-ca-last.crt
 +
 
 +
Once you know the certificate location path, run a command line - CMD in the Command Prompt window run as an administrator, and move to the folder where the keytool software is located - the dedicated tool for adding a security certificate to the unique certificate database for JAVA.
  
 
"keytool" is located in the following location:
 
"keytool" is located in the following location:
שורה 20: שורה 19:
 
%JAVA_HOME%\bin
 
%JAVA_HOME%\bin
 
</pre>
 
</pre>
Or:
+
Or
 
<pre>
 
<pre>
C:\Program Files\Java\jdk<Your JDK version>\bin
+
C:\Program Files\Java\jdk<הגירסה המותקנת אצלכם>\bin
 
</pre>
 
</pre>
  
===JAVA-based software===
+
After navigating the command line to the keytool location and checking that it exists in that location (by running the keytool command and checking the output, or running directly at any location where you will be of the command "JAVA_HOME%\bin\keytool%")
 +
 
 +
Write the following command (the exact location of the security certificate file):
 +
<pre>
 +
keytool -importcert -trustcacerts -alias netfree-ca -file %ProgramData%\NetFree\CA\netfree-ca-last.crt -keystore "%JAVA_HOME%/jre/lib/security/cacerts" -storepass changeit -noprompt
 +
</pre>
 +
 
 +
The command output should be like this:
 +
 
 +
certificate added to the keysotre.
 +
 
 +
In any case if the output is not like this, you should check the output that appears in depth and see which data is incorrect.
 +
 
 +
In order for the changes to take effect on software that has a security issue, the software must be restarted.
 +
 
 +
=== Command for Mac / Linux computers===
 +
KEYSTORE=/path/to/cacerts
 +
curl -sL <nowiki>https://netfree.link/netfree-ca.crt</nowiki> |  keytool -importcert -trustcacerts -alias netfree-ca-$(date "+%m%d%H%M%S")  -keystore $KEYSTORE -storepass changeit -noprompt
 +
 +
Note: The above command downloads and also installs the certificate without leaving a trace in the file system. The certificate is given a unique name so that it can be installed again and again without any problems. This is useful in case of changing a supplier and needs to be installed again.
 +
 
 +
 
 +
==JAVA-based software==
 
Sometimes JAVA-based software installs a private Java Runtime Environment in Program Files instead of using the globally installed environment (e.g., all intelij software (including android studio)). In this case it is necessary to import the NetFree certificate for each software separately.
 
Sometimes JAVA-based software installs a private Java Runtime Environment in Program Files instead of using the globally installed environment (e.g., all intelij software (including android studio)). In this case it is necessary to import the NetFree certificate for each software separately.
  
 
To import the certificate, you must first locate the file that stores the certificates. Usually the JAVA environment is installed in program files in a subfolder named java or jre. Inside the subfolder there will be a path named:  <code>lib\security\</code> and inside it a file named <code>cacerts</code>.
 
To import the certificate, you must first locate the file that stores the certificates. Usually the JAVA environment is installed in program files in a subfolder named java or jre. Inside the subfolder there will be a path named:  <code>lib\security\</code> and inside it a file named <code>cacerts</code>.
  
====Solution 1====
+
You can search for files named cacerts at the command prompt using the following command:
 +
 
 +
dir c:\ /s /b | findstr -i cacerts
 +
 
 +
You can also search for the cacerts file that the software uses, with search software such as [https://www.voidtools.com/downloads/ everything] searching for the word cacerts and check the path of the file.
 +
 
 +
===Solution 1 (recommended)===
 
Find the path to the <code>cacerts</code> file in the specific software installation, and use this path with the command mentioned above.
 
Find the path to the <code>cacerts</code> file in the specific software installation, and use this path with the command mentioned above.
====Solution 2====
+
===Solution 2===
 
 
 
The security certificate can be imported using graphical software called KeyStore Explorer, the software is downloadable from [https://keystore-explorer.org/downloads.html here].
 
The security certificate can be imported using graphical software called KeyStore Explorer, the software is downloadable from [https://keystore-explorer.org/downloads.html here].
  
==Instructions for use:==
+
====Instructions for use of KeyStore Explorer software:====
 
The software usually needs to be run as a administrator.
 
The software usually needs to be run as a administrator.
  
שורה 57: שורה 83:
 
[[קובץ:KeyStore 4.png|לא ממוסגר]]  
 
[[קובץ:KeyStore 4.png|לא ממוסגר]]  
  
And select the NetFree certificate file. [http://netfree.link/netfree-ca.crt (can be downloaded from here)].
+
And select the NetFree certificate file. [https://netfree.link/netfree-ca.crt (can be downloaded from here)].
  
 
In the next window, click "OK".
 
In the next window, click "OK".

גרסה אחרונה מ־04:10, 17 באוגוסט 2023

לעברית לחצו כאן

To switch from edit view to read view

To search in the Wiki

Home page > Security certificate > Installation of certificate for Java Runtime ‎‎


Update: as of 3 May 2019, a new certificate installation software was released, the new software automatically installs the certificate also in Java Runtime Environment.

Java Runtime Environment

The Java Runtime does not use the OS certificate store, but instead maintains it's own trusted certificate store. In order for Java based programs (e. g. Eclipse IDE) to be able to access secure sites, It is necessary to install a security certificate for Java separately using the dedicated tool that comes as part of the JVM.

Download the NetFree Security certificate from. https://netfree.link/netfree-ca.crt

On windows systems, in case you have installed the security certificate installer, the certificate already exists in the following location:

%ProgramData%\NetFree\CA\netfree-ca-last.crt

Once you know the certificate location path, run a command line - CMD in the Command Prompt window run as an administrator, and move to the folder where the keytool software is located - the dedicated tool for adding a security certificate to the unique certificate database for JAVA.

"keytool" is located in the following location:

%JAVA_HOME%\bin

Or

C:\Program Files\Java\jdk<הגירסה המותקנת אצלכם>\bin

After navigating the command line to the keytool location and checking that it exists in that location (by running the keytool command and checking the output, or running directly at any location where you will be of the command "JAVA_HOME%\bin\keytool%")

Write the following command (the exact location of the security certificate file):

keytool -importcert -trustcacerts -alias netfree-ca -file %ProgramData%\NetFree\CA\netfree-ca-last.crt -keystore "%JAVA_HOME%/jre/lib/security/cacerts" -storepass changeit -noprompt

The command output should be like this:

certificate added to the keysotre.

In any case if the output is not like this, you should check the output that appears in depth and see which data is incorrect.

In order for the changes to take effect on software that has a security issue, the software must be restarted.

Command for Mac / Linux computers

KEYSTORE=/path/to/cacerts
curl -sL https://netfree.link/netfree-ca.crt |  keytool -importcert -trustcacerts -alias netfree-ca-$(date "+%m%d%H%M%S")  -keystore $KEYSTORE -storepass changeit -noprompt

Note: The above command downloads and also installs the certificate without leaving a trace in the file system. The certificate is given a unique name so that it can be installed again and again without any problems. This is useful in case of changing a supplier and needs to be installed again.


JAVA-based software

Sometimes JAVA-based software installs a private Java Runtime Environment in Program Files instead of using the globally installed environment (e.g., all intelij software (including android studio)). In this case it is necessary to import the NetFree certificate for each software separately.

To import the certificate, you must first locate the file that stores the certificates. Usually the JAVA environment is installed in program files in a subfolder named java or jre. Inside the subfolder there will be a path named: lib\security\ and inside it a file named cacerts.

You can search for files named cacerts at the command prompt using the following command:

dir c:\ /s /b | findstr -i cacerts

You can also search for the cacerts file that the software uses, with search software such as everything searching for the word cacerts and check the path of the file.

Solution 1 (recommended)

Find the path to the cacerts file in the specific software installation, and use this path with the command mentioned above.

Solution 2

The security certificate can be imported using graphical software called KeyStore Explorer, the software is downloadable from here.

Instructions for use of KeyStore Explorer software:

The software usually needs to be run as a administrator.

In the welcome window, click on the highlighted area:

KeyStore 1.png

In the window that opens, choose the cacerts file, which is in the location described above.

KeyStore 2.png

A password request will now appear:

KeyStore 3.png

The default password is changeit .

Now the file is open and we will see a list of existing certificates . Click "Import Trusted Certificates":

KeyStore 4.png

And select the NetFree certificate file. (can be downloaded from here).

In the next window, click "OK".

KeyStore 5.png

ctrl+s Or Clicking "Save" to save the changes
KeyStore 4.1.png