Java Keytool error after importing certificate , "keytool error: java.io.FileNotFoundException & Access Denied"

cyber101 picture cyber101 · Apr 25, 2012 · Viewed 255.3k times · Source

I'm trying to connect a Java Web API via HTTPS; however, an exception is thrown:

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException

I followed these steps which I learned from online keytool & SSL cert tutorials:

  1. I copied the HTTPS URL into the browser, downloaded the SSL certificates & Installed them in the browser using Internet Explorer.

  2. Exported the certificates to a path on my computer, the certificates were saved as .cer

  3. Used the keytool's import option. The command below executed without any errors.

    keytool -import -alias downloadedCertAlias -keystore C:\path\to\my\keystore\cacerts.file -file C:\path\of\exportedCert.cer
    
  4. I was prompted for a password at the command prompt, which I entered then I was authenticated.

  5. The cmd window printed some certificate data & signatures and I was prompted with the question:

    Trust this certificate?

    I answered yes.

  6. The cmd prompt displayed

    Certificate was added to keystore

    However after that message, another exception was displayed:

    keytool error: java.io.FileNotFoundException: C:\Program files\...\cacerts <Access Denied>
    

Finally when I checked the keystore , the SSL certificate was not added and my application gives the same exception I was getting earlier when trying to connect:

(javax.net.ssl.SSLHandshakeException:sun.security.validator.ValidatorException)

Answer

Sharan Rajendran picture Sharan Rajendran · Jul 5, 2012

This could happen if you are not running the command prompt in administrator mode. If you are using windows 7, you can go to run, type cmd and hit Ctrl+Shift+enter. This will open the command prompt in administrator mode. If not, you can also go to start -> all programs -> accessories -> right click command prompt and click 'run as administrator'.