How to add a certificate as trusted to the current JVM instance programmatically

Question

How would I go about adding a certificate as trusted to the current JVM instance without chaging or deleting existing trusted certificate entries? Additionally this must not modify any truststores on the filesystem and should only be valid in the current jvm instance.

Is there any way to do this?

Answer 1

Copy the cacerts file that ships with Java.

Use either the keytool command or the InstallCert application to add certficates or CAs as needed.

Then use the -Djavax.net.ssl.trustStore="file path to new truststore" -Djavax.net.ssl.trustStorePassword="password for new truststore" VM arguments as needed when you start your application.