Certificates, keystores and all that jazz September 28, 2016Posted by javafoo in Uncategorized.
What is it with certificates and developers? Most developers I have interviewed always try to glaze over it or try to brush it off saying, oh someone sets it up for us. I can’t believe someone has worked with webservices or for that matter even a simple http client in java without encountering trust issues with self signed certs or knowing how to get a certificate from a browser and installing the cert chain into a key store. Most webservices will use self signed ssl certs for lower environments like dev, sandbox etc. Another thing is using a private key to connect to an end point that does mutual ssl. I have had to show how you can import a private key file into the browser and then hit a secure endpoint and people look at me like it’s some voodoo. Yes you can do it in the browser.