Importing the Public Certificate

Use the keytool command to import the public certificate into your testing or Unwired WorkSpace environment, so that you can establish HTTPS connections with Unwired Server.

Prerequisites

You must first configure Unwired Server to accept HTTPS connections. You can then import the public certificate generated during that process and use it to secure HTTPS communications with Unwired Server.

Task

Use the Java keytool command to import the public certificate into the JRE on the host from which you want to connect to Unwired Server using HTTPS. The host is your Unwired WorkSpace installation, or the host on which you develop .NET client applications; for example, C:\Sybase\UnwiredPlatform\JDK<version>\jre). This task prepares your system to run J2SE Unwired Platform device applications.

  1. From the JRE\bin directory enter the command: %JAVA_HOME%\bin\keytool -import -keystore "%JAVA_HOME%\jre\lib\security\cacerts" -file (path to the certificate)
    The -file argument is the path to the public certificate.
    If the import is successful, replace the default keystore password, which can be whatever you want. For example:
    Enter keystore password:mykey 
Re-enter new password:mykey
  2. After entering the password you see output, similar to this, that identifies the certificate:

    Owner: CN=UEP, OU=ITS, O=Sybase, L=Concord, ST=NH, C=US 
Issuer: CN=UEP, OU=ITS, O=Sybase, L=Concord, ST=NH, C=US 
Serial number: 31
Valid from: Sun May 11 16:04:03 EDT 2008 until: Wed May 12 16:04:03 EDT 2010 
Certificate fingerprints:         
MD5:  50:E1:8E:53:FE:3C:C9:E6:34:70:71:01:8E:09:C8:CE
SHA1: 20:B5:26:B0:9B:8B:F7:9E:16:BA:2E:13:3D:03:73:32:AA:6A:52:53         
Signature algorithm name: MD5withRSA         
Version: 3
Extensions: 
#1: ObjectId: 2.5.29.15 Criticality=true 
KeyUsage [
Key_Encipherment  
Key_Agreement  
Key_CertSign
Crl_Sign 
] 
#2: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[  
CA:true  
PathLen:10 
]

    The owner and Issuer information should match the information you entered when you generating the certificate and key.

  3. Answer Y when asked whether to trust this certificate or not: 
    Trust this certificate? [no]:  y 
Certificate was added to keystore

    If you accept the default [no], the certificate is not added to the keystore.

The certificate should now be available from the keystore. If you enter an incorrect or invalid keystore path, or if the certificate import fails for other reasons, you receive a connection error when a J2SE client running on Windows attempts to connect (assuming this client points to the same %JAVA_HOME% as your import command). For example:
java.lang.RuntimeException: 
Synchronization of MetaData failed:
ianywhere.ultralitej.implementation.JrException: 
UltraLiteJ Error[-44]: Sync upload failure: 'sun.security.validator.ValidatorException: 
PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: 
unable to find valid certification path to requested target'
Parent topic: Configure - Eclipse Development Environment
Related concepts
Preferences
Importing and Exporting Connection Profiles and Projects
Related tasks
Creating a Data Source Connection Profile
Creating a Sybase Unwired Server Connection Profile
Related reference
Certificate Generation Command Line Utility Reference