How to set up Java VM to use the root certificates (truststore) handled by Mac OS X

java macos ssl-certificate scribe truststore
Tamas picture Tamas · Jan 11, 2013 · Viewed 15.9k times · Source

I get the following exception while using the scribe OAuth library. 

Caused by: javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty

Based on some googling it seems I should set up the JVM truststore somehow.

Why do I need to do this? How can I instruct the Java VM to use the default truststore of the os? (Mac OS X in my case).

Answer

rmbrad picture rmbrad · Jul 20, 2019

You can use the Apple JCA Provider to use the OSX keychain as the java trust store. Just start the JVM with the following system property:

-Djavax.net.ssl.trustStoreType=KeychainStore

You can set this property for every started JVM using the JAVA_TOOL_OPTIONS environment variable, as described in hagrawal's answer.

Related questions

How to install Java 8 on Mac

I want to do some programming with the latest JavaFX, which requires Java 8. I'm using IntelliJ 13 CE and Mac OS X 9 Mavericks. I ran Oracle's Java 8 installer, and the files look like they ended up at /Library/Java/JavaVirtualMachines/jdk1.8.0_05.…

Read More
How to set or change the default Java (JDK) version on OS X?

How can you change the default version of Java on a mac?

Read More
Where is Java Installed on Mac OS X?

I just downloaded Java 7u17 on Mac OS 10.7.5 from here and then successfully installed it. In order to do some JNI programming, I need to know where Java installed on my Mac. I thought that inside the /Library/Java/JavaVirtualMachines/ …

Read More